Ahoj zde je muj HIJACKTHIS LOG prosím o kontrolu a radu co popr.zablokovat...
predem diky, peruan
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:24, on 2014-05-16
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Users\Koblih\Downloads\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 6857 bytes
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosba o kontrolu LOGU
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosba o kontrolu LOGU
Logfile of random's system information tool 1.09 (written by random/random)
Run by Koblih at 2014-05-17 15:07:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (12%) free of 60 GB
Total RAM: 2815 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:09:15, on 2014-05-17
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Users\Koblih\Downloads\ruzne\RSIT (1).exe
C:\Program Files\trend micro\Koblih.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 7189 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-12 655040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-12 1238336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-12 455360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-12 798912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-31 40368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-08-19 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\P4P\P4P.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPIRunE]
Rundll32 SPIRunE.dll,RunDLLEntry []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-12-16 1549608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-01 795936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=60
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-05-17 15:06:12 ----D---- C:\rsit
2014-05-17 15:06:12 ----D---- C:\Program Files\trend micro
2014-05-14 21:52:53 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-14 21:51:08 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 21:51:07 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 19:51:00 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 19:50:59 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 19:50:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 19:50:53 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-14 19:50:53 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 19:50:52 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 19:50:52 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 19:50:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 19:50:51 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 19:50:25 ----A---- C:\Windows\system32\shell32.dll
2014-05-07 18:40:29 ----D---- C:\ProgramData\Casino
2014-05-07 18:37:59 ----D---- C:\Program Files\Casino
2014-05-06 22:10:33 ----SD---- C:\Windows\system32\CompatTel
2014-04-28 23:12:24 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2014-04-18 17:23:52 ----D---- C:\Program Files\VideoLAN
======List of files/folders modified in the last 1 month======
2014-05-17 15:07:37 ----D---- C:\Windows\Temp
2014-05-17 15:06:12 ----RD---- C:\Program Files
2014-05-17 14:32:44 ----SHD---- C:\System Volume Information
2014-05-17 11:55:22 ----D---- C:\Windows\system32\config
2014-05-17 06:51:53 ----D---- C:\ProgramData\Kaspersky Lab
2014-05-17 06:49:04 ----D---- C:\ProgramData\NVIDIA
2014-05-16 18:17:00 ----D---- C:\Windows\Microsoft.NET
2014-05-16 18:16:22 ----RSD---- C:\Windows\assembly
2014-05-16 16:25:24 ----D---- C:\Windows\winsxs
2014-05-16 16:22:37 ----D---- C:\Windows\System32
2014-05-16 16:22:36 ----D---- C:\Windows\system32\cs-CZ
2014-05-16 16:22:35 ----D---- C:\Windows\system32\drivers
2014-05-14 21:54:57 ----SHD---- C:\Windows\Installer
2014-05-14 21:54:56 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 21:54:39 ----D---- C:\Windows\system32\MRT
2014-05-14 21:53:10 ----A---- C:\Windows\system32\MRT.exe
2014-05-14 21:52:53 ----D---- C:\Program Files\Common Files
2014-05-14 21:51:13 ----D---- C:\Windows\system32\catroot
2014-05-14 19:49:08 ----D---- C:\Windows\system32\catroot2
2014-05-14 19:24:57 ----D---- C:\Program Files\Opera
2014-05-14 19:24:20 ----D---- C:\Windows\Prefetch
2014-05-13 18:06:51 ----D---- C:\Windows\inf
2014-05-13 18:06:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-07 22:50:58 ----D---- C:\_INSTALACKY PROGRAMU
2014-05-07 18:40:29 ----HD---- C:\ProgramData
2014-04-29 23:11:12 ----D---- C:\Windows\Tasks
2014-04-29 20:03:01 ----D---- C:\Users\Koblih\AppData\Roaming\vlc
2014-04-29 19:58:38 ----D---- C:\Windows\system32\Tasks
2014-04-29 00:11:54 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-04-25 19:48:08 ----D---- C:\Windows\rescache
2014-04-25 19:08:53 ----D---- C:\Windows\system32\wfp
2014-04-25 19:08:50 ----D---- C:\Windows\system32\wbem
2014-04-25 19:08:50 ----D---- C:\Windows
2014-04-25 19:07:45 ----D---- C:\Windows\system32\DriverStore
2014-04-25 19:07:45 ----D---- C:\Program Files\Internet Explorer
2014-04-25 19:07:43 ----D---- C:\Windows\registration
2014-04-18 18:13:48 ----D---- C:\Program Files\Common Files\System
2014-04-18 18:13:48 ----A---- C:\Windows\win.ini
2014-04-18 14:36:33 ----RSD---- C:\Windows\Fonts
2014-04-18 14:36:05 ----D---- C:\Program Files\Common Files\microsoft shared
2014-04-18 14:35:54 ----D---- C:\Program Files\Microsoft Works
2014-04-18 12:22:34 ----D---- C:\Windows\AppPatch
2014-04-18 12:22:32 ----D---- C:\Windows\system32\en-US
2014-04-18 12:22:32 ----D---- C:\Windows\PolicyDefinitions
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-04-12 135776]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2014-04-12 576608]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-20 25696]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 14432]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 45024]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-04-12 144992]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-04-12 25184]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-20 25696]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2012-12-16 14392]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-07-22 15872]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-12-16 223920]
R3 t3;SB Xtreme Audio Notebook; C:\Windows\system32\drivers\t3.sys [2009-06-04 413208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-12-16 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-12-16 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-12-16 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-12-16 18344]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1.sys [2012-12-13 24424]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SRS_AE_Service;SRS Audio; C:\Windows\system32\drivers\SRS_AE_i386.sys [2012-06-21 407368]
S3 tap0901;avast! SecureLine TAP Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2013-04-30 35088]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S4 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2014-04-12 94304]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [2013-10-20 214512]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 664352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-12-16 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-12-16 79360]
S3 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-22 1343400]
S4 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
S4 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Koblih at 2014-05-17 15:07:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 7 GB (12%) free of 60 GB
Total RAM: 2815 MB (78% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:09:15, on 2014-05-17
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Users\Koblih\Downloads\ruzne\RSIT (1).exe
C:\Program Files\trend micro\Koblih.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 7189 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-12 655040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-12 1238336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-12 455360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-12 798912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-31 40368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA]
C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-08-19 170624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2]
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerForPhone]
C:\Program Files\P4P\P4P.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPIRunE]
Rundll32 SPIRunE.dll,RunDLLEntry []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-12-16 1549608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-07-01 795936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=60
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-05-17 15:06:12 ----D---- C:\rsit
2014-05-17 15:06:12 ----D---- C:\Program Files\trend micro
2014-05-14 21:52:53 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-14 21:51:08 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 21:51:07 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 19:51:00 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 19:50:59 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 19:50:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 19:50:53 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-05-14 19:50:53 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 19:50:52 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 19:50:52 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 19:50:52 ----A---- C:\Windows\system32\adprovider.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 19:50:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 19:50:51 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 19:50:51 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 19:50:25 ----A---- C:\Windows\system32\shell32.dll
2014-05-07 18:40:29 ----D---- C:\ProgramData\Casino
2014-05-07 18:37:59 ----D---- C:\Program Files\Casino
2014-05-06 22:10:33 ----SD---- C:\Windows\system32\CompatTel
2014-04-28 23:12:24 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2014-04-18 17:23:52 ----D---- C:\Program Files\VideoLAN
======List of files/folders modified in the last 1 month======
2014-05-17 15:07:37 ----D---- C:\Windows\Temp
2014-05-17 15:06:12 ----RD---- C:\Program Files
2014-05-17 14:32:44 ----SHD---- C:\System Volume Information
2014-05-17 11:55:22 ----D---- C:\Windows\system32\config
2014-05-17 06:51:53 ----D---- C:\ProgramData\Kaspersky Lab
2014-05-17 06:49:04 ----D---- C:\ProgramData\NVIDIA
2014-05-16 18:17:00 ----D---- C:\Windows\Microsoft.NET
2014-05-16 18:16:22 ----RSD---- C:\Windows\assembly
2014-05-16 16:25:24 ----D---- C:\Windows\winsxs
2014-05-16 16:22:37 ----D---- C:\Windows\System32
2014-05-16 16:22:36 ----D---- C:\Windows\system32\cs-CZ
2014-05-16 16:22:35 ----D---- C:\Windows\system32\drivers
2014-05-14 21:54:57 ----SHD---- C:\Windows\Installer
2014-05-14 21:54:56 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 21:54:39 ----D---- C:\Windows\system32\MRT
2014-05-14 21:53:10 ----A---- C:\Windows\system32\MRT.exe
2014-05-14 21:52:53 ----D---- C:\Program Files\Common Files
2014-05-14 21:51:13 ----D---- C:\Windows\system32\catroot
2014-05-14 19:49:08 ----D---- C:\Windows\system32\catroot2
2014-05-14 19:24:57 ----D---- C:\Program Files\Opera
2014-05-14 19:24:20 ----D---- C:\Windows\Prefetch
2014-05-13 18:06:51 ----D---- C:\Windows\inf
2014-05-13 18:06:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-07 22:50:58 ----D---- C:\_INSTALACKY PROGRAMU
2014-05-07 18:40:29 ----HD---- C:\ProgramData
2014-04-29 23:11:12 ----D---- C:\Windows\Tasks
2014-04-29 20:03:01 ----D---- C:\Users\Koblih\AppData\Roaming\vlc
2014-04-29 19:58:38 ----D---- C:\Windows\system32\Tasks
2014-04-29 00:11:54 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-04-25 19:48:08 ----D---- C:\Windows\rescache
2014-04-25 19:08:53 ----D---- C:\Windows\system32\wfp
2014-04-25 19:08:50 ----D---- C:\Windows\system32\wbem
2014-04-25 19:08:50 ----D---- C:\Windows
2014-04-25 19:07:45 ----D---- C:\Windows\system32\DriverStore
2014-04-25 19:07:45 ----D---- C:\Program Files\Internet Explorer
2014-04-25 19:07:43 ----D---- C:\Windows\registration
2014-04-18 18:13:48 ----D---- C:\Program Files\Common Files\System
2014-04-18 18:13:48 ----A---- C:\Windows\win.ini
2014-04-18 14:36:33 ----RSD---- C:\Windows\Fonts
2014-04-18 14:36:05 ----D---- C:\Program Files\Common Files\microsoft shared
2014-04-18 14:35:54 ----D---- C:\Program Files\Microsoft Works
2014-04-18 12:22:34 ----D---- C:\Windows\AppPatch
2014-04-18 12:22:32 ----D---- C:\Windows\system32\en-US
2014-04-18 12:22:32 ----D---- C:\Windows\PolicyDefinitions
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2014-04-12 135776]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 epfwtdi;epfwtdi; C:\Windows\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2014-04-12 576608]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-20 25696]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 14432]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 45024]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2014-04-12 144992]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 eamon;EAMON; C:\Windows\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-06-27 2191872]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2014-04-12 25184]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-20 25696]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2012-12-16 14392]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-07-22 15872]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-12-16 223920]
R3 t3;SB Xtreme Audio Notebook; C:\Windows\system32\drivers\t3.sys [2009-06-04 413208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-12-16 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-12-16 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-12-16 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-12-16 18344]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1.sys [2012-12-13 24424]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SRS_AE_Service;SRS Audio; C:\Windows\system32\drivers\SRS_AE_i386.sys [2012-06-21 407368]
S3 tap0901;avast! SecureLine TAP Adapter; C:\Windows\system32\DRIVERS\tap0901.sys [2013-04-30 35088]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S4 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2014-04-12 94304]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [2013-10-20 214512]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 664352]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-12-16 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-12-16 79360]
S3 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 108032]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-22 1343400]
S4 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
S4 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Prosba o kontrolu LOGU
Dekuji, sem jeden z tupeho davu kery plytval Tvym casem.
Vse dobre Tobe chlope, czest
Vse dobre Tobe chlope, czest
Re: Prosba o kontrolu LOGU
No to jiste, taky jsem diky tobe zjistil ze tam sou este zbytky z avasta, tak sem to musel doodinstalovat s jejich uninstalaterem v nouz. rezimu....
Btw.Ted jak sem si precet s odstupem tu svoji odpoved..tak to vyznelo asi mozne pohrdave, ale to ne, ja dik za radu jako:)
Ale o NODu nic nevim, to mam akorat stahlou instalacku trialu jejich, ale nikdy sem ani neotviral...
No a dva dny zpatky sem dal cosi pres 4kila za rok Kasperskeho licence...
Nechal sem vytvorit zpravu o stavu systemu, a tam me trochu strasi cosi o remote userovi...
Ted premyslim ze spustim ten jejich skript....
Btw.Ted jak sem si precet s odstupem tu svoji odpoved..tak to vyznelo asi mozne pohrdave, ale to ne, ja dik za radu jako:)
Ale o NODu nic nevim, to mam akorat stahlou instalacku trialu jejich, ale nikdy sem ani neotviral...
No a dva dny zpatky sem dal cosi pres 4kila za rok Kasperskeho licence...
Nechal sem vytvorit zpravu o stavu systemu, a tam me trochu strasi cosi o remote userovi...
Ted premyslim ze spustim ten jejich skript....
Re: Prosba o kontrolu LOGU
Nod si někdy musel mít nainstalovaný, protože tam běží jeho služby.peruan píše:Ale o NODu nic nevim, to mam akorat stahlou instalacku trialu jejich, ale nikdy sem ani neotviral...
Tak že je odmaznem.
Stáhni a spusť OTMoveIt
do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
Kód: Vybrat vše
:processes
explorer.exe
:files
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\Program Files\AVAST Software
C:\Windows\system32\DRIVERS\epfwtdi.sys
C:\Windows\system32\DRIVERS\eamon.sys
C:\Windows\system32\DRIVERS\epfw.sys
:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
:services
epfwtdi
eamon
epfw
:commands
[purity]
[emptytemp]
[start explorer]pokud aplikace bude požadovat restart, klikni na YES
v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\
No co zkus.peruan píše:Ted premyslim ze spustim ten jejich skript....
Re: Prosba o kontrolu LOGU
Neboj se a OTMoveIt normálně spusť, nejsi první ani poslední kdo ho použije.peruan píše:nevim esi se nemam obavat to spustit.....
http://whitelisting.kaspersky.com/advis ... 5DEC76F363
Přispějete na provoz fóra?