Computer slowdown

#1 Post by TomsS »

Please check my log. The computer has slowed down significantly. I removed a pile of junk software (games, browsers, ...) and cleaned up with CCleaner, but there was no significant improvement.
RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2014-12-06 11:40:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 10 GB (13%) free of 76 GB
Total RAM: 1790 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:40:43, on 6.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
D:\Glary Utilities 3\memdefrag.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
D:\Glary Utilities 3\Integrator.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mojebanka.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
O4 - HKLM\..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [Glary Memory Optimizer] D:\Glary Utilities 3\memdefrag.exe /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.1.9 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13325 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
"C:\Program Files (x86)\AVG\AVG9\avgchsva.exe"
"C:\Program Files (x86)\AVG\AVG9\avgrsa.exe"
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
/pipeName=05606be5-dc38-4eba-a0e0-b6224904efc7 /coreSdkOptions=30 /logConfFile="C:\ProgramData\avg9\temp\dda14d4d-77eb-4857-876d-0c2529a06685-1e4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG9\" /tempPath="C:\ProgramData\avg9\temp\"
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
\??\C:\Windows\system32\conhost.exe "1614612837-1083901551642085101-617873434-18166899451528975365-1702694750-1169740399
"C:\Program Files (x86)\AVG\AVG9\avgnsa.exe"
WLIDSvcM.exe 2076
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
"D:\Glary Utilities 3\memdefrag.exe" /autostart
taskeng.exe {5E860317-2963-406A-9870-8B9046020022}
taskeng.exe {1F4CF065-E784-46A1-A8EB-B4E6DFB413DD}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" -Xms56m -Xmx112m -classpath .;syncables.jar migoDesktop.migoDesktopMain sid=S-1-5-21-3604843881-1481373681-328990768-1000
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\AVG\AVG9\avgtray.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"D:\Glary Utilities 3\x64\Win64ShellLink.exe" ShellLinkX64 3120
"D:\Glary Utilities 3\Integrator.exe" /autostart
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
WDC.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\atibtmon.exe Global\Ati_VariBrightMonitorEvent
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"C:\Users\Admin\Downloads\RSITx64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GlaryInitialize 3.job - D:\Glary Utilities 3\Initialize.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0odwmx5.default

prefs.js - "browser.startup.homepage" - "http://isearch.avg.com?pid=avg&sg=0&cid ... A35&sap=hp"
prefs.js - "extensions.enabledItems" - "Cetrumcz@igeared:1.202.012.001, {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27, avg@toolbar:13.2.0.5, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?pid=avg&s ... &sap=ku&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll [2011-05-07 2334560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\ProgramData\LangSoft\WebIE.dll [2011-05-06 798771]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll [2011-05-07 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-29 3627032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-05-06 798771]
{D5D47440-0750-463D-BAEF-A47D02414806}
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll [2014-08-29 3627032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]
"Glary Memory Optimizer"=D:\Glary Utilities 3\memdefrag.exe [2013-08-07 117536]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-10-21 3054136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-13 10144288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-26 98304]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"AVG9_TRAY"=C:\PROGRA~2\AVG\AVG9\avgtray.exe [2012-01-26 2077536]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2010-03-12 49208]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-23 1601536]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2014-08-29 2640408]
"ROC_roc_dec12"=C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe [2012-01-16 928096]
"ROC_ROC_JULY_P1"=C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe [2012-09-04 1022048]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrssta.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-06 11:40:27 ----D---- C:\Program Files\trend micro
2014-12-06 11:40:25 ----D---- C:\rsit
2014-12-06 11:09:43 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06Z..ZZZ....ZZZ..Z
2014-12-02 08:57:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-19 13:54:17 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 13:54:16 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 13:54:15 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 13:54:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-12 14:00:54 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 14:00:54 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 14:00:52 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 14:00:50 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 14:00:50 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 14:00:50 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 14:00:50 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 14:00:50 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 14:00:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 14:00:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 14:00:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 14:00:49 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-12 14:00:44 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 14:00:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 14:00:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 14:00:44 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 14:00:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-12 14:00:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-12 14:00:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-12 14:00:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 14:00:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 14:00:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-12 14:00:42 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 14:00:42 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 14:00:41 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 14:00:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 14:00:41 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 14:00:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-12 14:00:40 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 14:00:40 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 14:00:39 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 14:00:39 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 14:00:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-12 14:00:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-12 14:00:38 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 14:00:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-12 14:00:37 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 14:00:37 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-12 14:00:37 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 14:00:37 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 14:00:37 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 14:00:37 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 14:00:36 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 14:00:36 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 14:00:36 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 14:00:36 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 14:00:35 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 14:00:35 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 14:00:35 ----A---- C:\Windows\system32\jscript9.dll
2014-11-12 14:00:34 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 14:00:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 14:00:34 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 13:59:31 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 13:59:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 13:59:31 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 13:59:31 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 13:59:29 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 13:59:29 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:59:24 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 13:59:24 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 13:59:24 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 13:59:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 13:59:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 13:59:21 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 13:59:21 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 13:59:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 13:59:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 13:59:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 13:59:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 13:59:20 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 13:59:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 13:59:20 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 13:59:20 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 13:59:12 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 13:59:12 ----A---- C:\Windows\system32\packager.dll
2014-11-12 13:59:11 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 13:59:08 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 13:59:08 ----A---- C:\Windows\system32\msi.dll
2014-11-12 13:58:52 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 13:58:52 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 month======

2014-12-06 11:40:44 ----D---- C:\Windows\Prefetch
2014-12-06 11:40:27 ----RD---- C:\Program Files
2014-12-06 11:20:13 ----SHD---- C:\Windows\Installer
2014-12-06 11:19:04 ----D---- C:\Windows\SysWOW64
2014-12-06 11:08:35 ----D---- C:\Windows\Temp
2014-12-06 11:05:21 ----D---- C:\Program Files\CCleaner
2014-12-06 11:04:49 ----D---- C:\Windows\system32\drivers\Avg
2014-12-06 11:00:54 ----D---- C:\Windows\system32\LogFiles
2014-12-06 11:00:11 ----D---- C:\Windows\System32
2014-12-06 11:00:06 ----D---- C:\Windows\inf
2014-12-06 10:59:34 ----D---- C:\Windows\Minidump
2014-12-06 10:59:34 ----D---- C:\Windows
2014-12-05 22:55:23 ----D---- C:\Windows\system32\config
2014-12-05 22:42:24 ----SHD---- C:\System Volume Information
2014-12-05 22:01:18 ----A---- C:\Windows\system32\acovcnt.exe
2014-12-05 22:00:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 22:00:25 ----D---- C:\Users\Admin\AppData\Roaming\DiskDefrag
2014-12-02 09:04:38 ----RD---- C:\Program Files (x86)
2014-11-28 19:23:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-25 21:26:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-22 03:23:59 ----D---- C:\Windows\system32\Tasks
2014-11-22 03:23:08 ----D---- C:\Windows\winsxs
2014-11-19 13:48:56 ----D---- C:\Windows\system32\catroot2
2014-11-19 13:48:56 ----D---- C:\Windows\system32\catroot
2014-11-13 04:53:45 ----D---- C:\Windows\rescache
2014-11-13 04:00:27 ----D---- C:\Windows\Microsoft.NET
2014-11-13 03:59:10 ----RSD---- C:\Windows\assembly
2014-11-13 03:35:05 ----SD---- C:\Windows\system32\CompatTel
2014-11-13 03:35:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-13 03:35:02 ----D---- C:\Windows\system32\drivers
2014-11-13 03:35:02 ----D---- C:\Windows\system32\cs-CZ
2014-11-13 03:35:01 ----D---- C:\Program Files\Internet Explorer
2014-11-13 03:35:00 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-13 03:35:00 ----D---- C:\Windows\system32\en-US
2014-11-13 03:34:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 03:16:07 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 AvgLdx64;AVG Free AVI Loader Driver x64; C:\Windows\System32\Drivers\avgldx64.sys [2013-02-21 282976]
R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64; C:\Windows\System32\Drivers\avgmfx64.sys [2011-09-13 35664]
R1 AvgTdiA;AVG Free Network Redirector x64; C:\Windows\System32\Drivers\avgtdia.sys [2011-05-08 317520]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-08-12 50976]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-07-25 7195648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-07-25 265728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-13 2345760]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S0 BootDefragDriver;BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys []
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-06-22 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-07-25 203264]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avg9wd;AVG Free WatchDog; C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2011-05-07 308136]
R2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2014-08-12 1820184]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25 267440]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2011-11-10 167264]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-02 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Computer slowdown

#2 Post by Márty84 »

Hello :)

:arrow: Uninstall McAfee Security Scan.

:arrow: If possible, I recommend uninstalling everything from AVG and installing, for example, Avast or another free antivirus.

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Re: Computer slowdown

#3 Post by TomsS »

McAfee uninstalled
AVG replaced with Avast!
AdwCleaner log:

# AdwCleaner v4.104 - Report created 06/12/2014 at 14:28:38
# Updated 05/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Admin - PC
# Running from : C:\Users\Admin\Desktop\adwcleaner_4.104.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Users\Admin\AppData\LocalLow\AVG Security Toolbar
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Admin\AppData\Local\Temp\Uninstall.exe

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v34.0 (x86 cs)

[k0odwmx5.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com?pid=avg&sg=0&cid=%7B631d54cc-7a8f-4472-81c1-65cfba2325f9%7D&mid=f41d6ec8001c3c275d88c5a58674707f-bcf8ee5ba8b64b410d1b33fc3aaf69f00df34a66&[...]
[k0odwmx5.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?pid=avg&sg=0&cid=%7B631d54cc-7a8f-4472-81c1-65cfba2325f9%7D&mid=f41d6ec8001c3c275d88c5a58674707f-bcf8ee5ba8b64b410d1b33fc3aaf69f00df34a66&ds=AVG[...]

*************************

AdwCleaner[R0].txt - [3692 octets] - [06/12/2014 14:18:12]
AdwCleaner[S0].txt - [3414 octets] - [06/12/2014 14:28:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3474 octets] ##########

Re: Computer slowdown

#4 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

Re: Computer slowdown

#5 Post by TomsS »

Done, here is the result:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 6.12.2014
Scan Time: 15:38:42
Logfile: MalwareBytes_log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.06.05
Rootkit Database: v2014.12.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Admin

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 480695
Time Elapsed: 3 hr, 33 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Trojan.Agent.CK, D:\games\Call of duty 4 [PC-DVD] [English]\crack\rzr-cod4.exe, , [801dca95522afd392ca063e4ce34857b],

Physical Sectors: 0
(No malicious items detected)


(end)

Re: Computer slowdown

#6 Post by Márty84 »

:arrow: Move the detection to quarantine, then uninstall MBAM.

:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
At the top, click Úpravy (Edit) and then Kopírovat (Copy). Paste what gets copied (it is stored in the clipboard) here for me (Ctrl + V).

Re: Computer slowdown

#7 Post by TomsS »

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/12/06 20:25:02

-- Controller Map ----------------------------------------------------------
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
+ ATA Channel 0 (0)
- WDC WD3200BEVT-80A0RT0 ATA Device
+ ATA Channel 1 (1)
- Optiarc DVD RW AD-7580S ATA Device
- ATA Channel 2 (2)
- ATA Channel 3 (3)

-- Disk List ---------------------------------------------------------------
(1) WDC WD3200BEVT-80A0RT0 : 320,0 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD3200BEVT-80A0RT0
----------------------------------------------------------------------------
Model : WDC WD3200BEVT-80A0RT0
Firmware : 01.01A01
Serial Number : WD-WX71A90C6698
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 7766 hod.
Power On Count : 2739 krát
Temparature : 49 C (120 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : 8080h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 180 152 _21 0000000007A6 Čas na roztočení ploten
04 __1 __1 __0 000000019556 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _90 _90 __0 000000001E56 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000AB3 Počet cyklů zapnutí zařízení
BF __1 __1 __0 00000000095B Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000043 Počet vypnutí disku
C1 __1 __1 __0 000000108898 Počet cyklů načítání/vymazání
C2 _98 _80 __0 000000000031 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------

Re: Computer slowdown

#8 Post by Márty84 »

Post a new RSIT log.

Re: Computer slowdown

#9 Post by TomsS »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2014-12-07 17:11:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 30 GB (39%) free of 76 GB
Total RAM: 1790 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:12:42, on 7.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
D:\Glary Utilities 3\memdefrag.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
D:\Glary Utilities 3\Integrator.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mojebanka.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [Glary Memory Optimizer] D:\Glary Utilities 3\memdefrag.exe /autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11073 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {59557DBF-3DC6-4721-BB48-544493EE3872}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ASUS\Splendid\ACMON.exe"
taskeng.exe {B0998CB7-6EE3-4F6F-A838-9DE7500BC9C4}
taskeng.exe {48D41A37-AB42-4F84-ACC2-AADC0D45D18E}
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
"D:\Glary Utilities 3\memdefrag.exe" /autostart
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"D:\Glary Utilities 3\x64\Win64ShellLink.exe" ShellLinkX64 1348
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"D:\Glary Utilities 3\Integrator.exe" /autostart
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip /h
WLIDSvcM.exe 2672
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
ATKOSD.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5024 CREDAT:267521 /prefetch:2
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5024 CREDAT:1381659 /prefetch:2
C:\Windows\system32\msfeedssync.exe sync
"C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D5RWG36J\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3604843881-1481373681-328990768-10004_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3604843881-1481373681-328990768-10004 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\sppsvc.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GlaryInitialize 3.job - D:\Glary Utilities 3\Initialize.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0odwmx5.default

prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "extensions.enabledItems" - "Cetrumcz@igeared:1.202.012.001, {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27, avg@toolbar:13.2.0.5, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "https://www.google.com/search/?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0odwmx5.default\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-06 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-06 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\ProgramData\LangSoft\WebIE.dll [2011-05-06 798771]
{D5D47440-0750-463D-BAEF-A47D02414806}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]
"Glary Memory Optimizer"=D:\Glary Utilities 3\memdefrag.exe [2013-08-07 117536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-10-21 3054136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-13 10144288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-26 98304]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-23 1601536]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-12-06 5226600]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-06 15:49:51 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-06 15:33:49 ----D---- C:\ProgramData\Malwarebytes
2014-12-06 14:18:08 ----D---- C:\AdwCleaner
2014-12-06 14:18:08 ----A---- C:\AdwCleanerDebug.txt
2014-12-06 14:12:09 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-12-06 14:06:35 ----D---- C:\Users\Admin\AppData\Roaming\AVAST Software
2014-12-06 14:04:17 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-12-06 14:04:17 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-12-06 14:04:15 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-12-06 14:04:13 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-12-06 14:04:12 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-12-06 14:04:11 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-12-06 14:04:09 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-12-06 14:04:05 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-12-06 14:03:46 ----A---- C:\Windows\system32\aswBoot.exe
2014-12-06 14:03:37 ----A---- C:\Windows\avastSS.scr
2014-12-06 13:59:13 ----D---- C:\Program Files\AVAST Software
2014-12-06 13:57:20 ----D---- C:\ProgramData\AVAST Software
2014-12-06 11:40:27 ----D---- C:\Program Files\trend micro
2014-12-06 11:40:25 ----D---- C:\rsit
2014-12-02 08:57:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-19 13:54:17 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 13:54:16 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 13:54:15 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 13:54:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-12 14:00:54 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 14:00:54 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 14:00:52 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 14:00:50 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 14:00:50 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 14:00:50 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 14:00:50 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 14:00:50 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 14:00:49 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 14:00:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 14:00:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 14:00:49 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 14:00:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-12 14:00:44 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 14:00:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 14:00:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 14:00:44 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 14:00:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-12 14:00:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-12 14:00:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-12 14:00:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 14:00:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 14:00:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-12 14:00:42 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 14:00:42 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-12 14:00:41 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 14:00:41 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 14:00:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 14:00:41 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 14:00:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-12 14:00:40 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 14:00:40 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 14:00:39 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 14:00:39 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 14:00:38 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-12 14:00:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-12 14:00:38 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 14:00:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-12 14:00:37 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 14:00:37 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-12 14:00:37 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 14:00:37 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 14:00:37 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 14:00:37 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 14:00:36 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 14:00:36 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 14:00:36 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 14:00:36 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 14:00:35 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 14:00:35 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 14:00:35 ----A---- C:\Windows\system32\jscript9.dll
2014-11-12 14:00:34 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 14:00:34 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 14:00:34 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 13:59:31 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 13:59:31 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 13:59:31 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 13:59:31 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 13:59:29 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 13:59:29 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:59:24 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 13:59:24 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 13:59:24 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:59:24 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 13:59:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 13:59:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 13:59:21 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 13:59:21 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 13:59:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 13:59:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 13:59:20 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 13:59:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 13:59:20 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 13:59:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 13:59:20 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 13:59:20 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 13:59:12 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 13:59:12 ----A---- C:\Windows\system32\packager.dll
2014-11-12 13:59:11 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 13:59:08 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 13:59:08 ----A---- C:\Windows\system32\msi.dll
2014-11-12 13:58:52 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 13:58:52 ----A---- C:\Windows\system32\oleaut32.dll

======List of files/folders modified in the last 1 month======

2014-12-07 17:10:51 ----D---- C:\Windows\Temp
2014-12-07 17:02:48 ----A---- C:\Windows\system32\acovcnt.exe
2014-12-07 17:01:27 ----D---- C:\Windows\system32\config
2014-12-07 17:01:25 ----D---- C:\Windows\system32\Tasks
2014-12-06 20:14:10 ----RD---- C:\Program Files (x86)
2014-12-06 20:14:10 ----D---- C:\Windows\system32\drivers
2014-12-06 20:07:38 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-12-06 20:07:01 ----RSD---- C:\Windows\Fonts
2014-12-06 15:49:51 ----D---- C:\Windows\System32
2014-12-06 15:48:58 ----SHD---- C:\System Volume Information
2014-12-06 15:33:49 ----HD---- C:\ProgramData
2014-12-06 14:46:41 ----D---- C:\Windows\Prefetch
2014-12-06 14:12:54 ----A---- C:\Windows\system32\AutoRunFilter.ini
2014-12-06 14:12:41 ----D---- C:\Windows
2014-12-06 14:06:50 ----SD---- C:\Users\Admin\AppData\Roaming\Microsoft
2014-12-06 14:06:50 ----D---- C:\Windows\SYSWOW64\drivers
2014-12-06 14:06:50 ----D---- C:\Windows\SysWOW64
2014-12-06 14:06:30 ----D---- C:\Windows\inf
2014-12-06 14:05:08 ----D---- C:\Program Files (x86)\Common Files
2014-12-06 14:03:58 ----D---- C:\Windows\winsxs
2014-12-06 14:00:15 ----D---- C:\Windows\system32\LogFiles
2014-12-06 13:59:13 ----RD---- C:\Program Files
2014-12-06 11:20:13 ----SHD---- C:\Windows\Installer
2014-12-06 11:05:21 ----D---- C:\Program Files\CCleaner
2014-12-06 10:59:34 ----D---- C:\Windows\Minidump
2014-12-05 22:00:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 22:00:25 ----D---- C:\Users\Admin\AppData\Roaming\DiskDefrag
2014-11-28 19:23:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-25 21:26:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-19 13:48:56 ----D---- C:\Windows\system32\catroot2
2014-11-19 13:48:56 ----D---- C:\Windows\system32\catroot
2014-11-13 04:53:45 ----D---- C:\Windows\rescache
2014-11-13 04:00:27 ----D---- C:\Windows\Microsoft.NET
2014-11-13 03:59:10 ----RSD---- C:\Windows\assembly
2014-11-13 03:35:05 ----SD---- C:\Windows\system32\CompatTel
2014-11-13 03:35:02 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-13 03:35:02 ----D---- C:\Windows\system32\cs-CZ
2014-11-13 03:35:01 ----D---- C:\Program Files\Internet Explorer
2014-11-13 03:35:00 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-13 03:35:00 ----D---- C:\Windows\system32\en-US
2014-11-13 03:34:58 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-13 03:16:07 ----D---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-12-06 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-12-06 267632]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-12-06 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-12-06 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-12-06 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-12-06 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-12-06 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-12-06 116728]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-07-25 7195648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-07-25 265728]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-04-08 124944]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-09-08 129024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-13 2345760]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-10-12 131552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
S0 BootDefragDriver;BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys []
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-06-22 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-07-25 203264]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-12-06 50344]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25 267440]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-12-02 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Computer slowdown

#10 Post by Márty84 »

If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

TomsS
Visitor
Posts: 12
Registered: 07 Mar 2007 15:32
Location: České Budějovice

Re: Computer slowdown

#11 Post by TomsS »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 01
Ran by Admin (administrator) on PC on 07-12-2014 19:18:34
Running from C:\Users\Admin\Desktop
Loaded Profile: Admin (Available profiles: Admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-10] (ELAN Microelectronic Corp.)
HKLM\...\Run: [ASUS WebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-16] ()
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-07-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-06] (AVAST Software)
HKU\S-1-5-21-3604843881-1481373681-328990768-1000\...\Run: [Syncables] => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [370480 2010-07-19] (syncables, LLC)
HKU\S-1-5-21-3604843881-1481373681-328990768-1000\...\MountPoints2: {7dce7fff-5bcf-11e4-b8d7-20cf307d3643} - F:\DTLplus_Launcher.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
BootExecute: autocheck autochk * BootDefrag.exeaswBoot.exe /M:16802ba05 /wow /dir:"C:\Program Files\AVAST Software\Avast"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3604843881-1481373681-328990768-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mojebanka.cz/
HKU\S-1-5-21-3604843881-1481373681-328990768-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKU\S-1-5-21-3604843881-1481373681-328990768-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3604843881-1481373681-328990768-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3604843881-1481373681-328990768-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3604843881-1481373681-328990768-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3604843881-1481373681-328990768-1000 -> {C2E66561-B684-423E-AB46-A54D374C8FC2} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\S-1-5-21-3604843881-1481373681-328990768-1000 -> {EF752EB3-2FE7-49D4-AB3F-78B0C18099CF} URL = http://search.centrum.cz/index.php?q={s ... trum-1.0.0
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: No Name -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll ()
Toolbar: HKLM-x32 - No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Toolbar: HKU\S-1-5-21-3604843881-1481373681-328990768-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-3604843881-1481373681-328990768-1000 -> No Name - {D5D47440-0750-463D-BAEF-A47D02414806} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0odwmx5.default
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0odwmx5.default\searchplugins\google-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-06]
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-06] (AVAST Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-06] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S0 BootDefragDriver; System32\drivers\BootDefragDriver.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 19:15 - 2014-12-07 19:15 - 00037984 _____ () C:\Users\Admin\Desktop\FRST3.txt
2014-12-07 19:14 - 2014-12-07 19:17 - 00023847 _____ () C:\Users\Admin\Desktop\Addition.txt
2014-12-07 19:13 - 2014-12-07 19:19 - 00015019 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-12-07 19:10 - 2014-12-07 19:10 - 02119680 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-12-07 19:10 - 2014-12-07 19:10 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2014-12-07 19:01 - 2014-12-07 19:18 - 00000000 ____D () C:\FRST
2014-12-07 17:32 - 2014-12-07 17:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-06 21:17 - 2014-12-06 21:16 - 00000722 _____ () C:\Users\Admin\Desktop\filmy avi.lnk
2014-12-06 20:23 - 2014-12-06 20:24 - 00000000 ____D () C:\Users\Admin\Downloads\CrystalDiskInfo5_0_0
2014-12-06 20:22 - 2014-12-06 20:22 - 01496172 _____ () C:\Users\Admin\Downloads\CrystalDiskInfo5_0_0.zip
2014-12-06 15:49 - 2014-11-24 14:04 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-06 15:33 - 2014-12-06 15:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-06 15:32 - 2014-12-06 15:32 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-06 14:42 - 2014-12-06 14:42 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieBrowserModeList
2014-12-06 14:18 - 2014-12-06 14:28 - 00000000 ____D () C:\AdwCleaner
2014-12-06 14:18 - 2014-12-06 14:18 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-06 14:12 - 2014-12-07 18:39 - 00000336 _____ () C:\Windows\setupact.log
2014-12-06 14:12 - 2014-12-07 18:38 - 00002918 _____ () C:\Windows\PFRO.log
2014-12-06 14:12 - 2014-12-06 14:13 - 00410408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-06 14:12 - 2014-12-06 14:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-06 14:06 - 2014-12-06 14:06 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-12-06 14:05 - 2014-12-06 14:05 - 00001966 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-06 14:05 - 2014-12-06 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-06 14:04 - 2014-12-07 17:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-06 14:04 - 2014-12-06 14:04 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-06 14:04 - 2014-12-06 14:03 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-06 14:04 - 2014-12-06 14:03 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-06 14:04 - 2014-12-06 14:03 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-06 14:04 - 2014-12-06 14:03 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-06 14:04 - 2014-12-06 14:03 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-06 14:04 - 2014-12-06 14:03 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-06 14:04 - 2014-12-06 14:03 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-06 14:03 - 2014-12-06 14:03 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-06 14:03 - 2014-12-06 14:03 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-06 13:59 - 2014-12-06 13:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-06 13:57 - 2014-12-06 13:59 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-06 13:57 - 2014-12-06 13:57 - 00109296 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-06 13:56 - 2014-12-06 13:55 - 02153472 _____ () C:\Users\Admin\Desktop\adwcleaner_4.104.exe
2014-12-06 11:40 - 2014-12-07 17:12 - 00000000 ____D () C:\Program Files\trend micro
2014-12-06 11:40 - 2014-12-06 11:40 - 00000000 ____D () C:\rsit
2014-12-02 08:57 - 2014-12-02 08:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-19 13:54 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 13:54 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 13:54 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 13:54 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-12 14:00 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 14:00 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 14:00 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 14:00 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 14:00 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 14:00 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 14:00 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 14:00 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 14:00 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 14:00 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 14:00 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 14:00 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 14:00 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 14:00 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 14:00 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 14:00 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 14:00 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 14:00 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 14:00 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 14:00 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 14:00 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 14:00 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 14:00 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 14:00 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 14:00 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 14:00 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 14:00 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 14:00 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 14:00 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 14:00 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 14:00 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 14:00 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 14:00 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 14:00 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 14:00 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 14:00 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 14:00 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 14:00 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 14:00 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 14:00 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 14:00 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 14:00 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 14:00 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 14:00 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 14:00 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 14:00 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 14:00 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 14:00 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 14:00 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 14:00 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 14:00 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 14:00 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 14:00 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 14:00 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 14:00 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 14:00 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 14:00 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 14:00 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 14:00 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 14:00 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 14:00 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 14:00 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 14:00 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 14:00 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 14:00 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 14:00 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 14:00 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 14:00 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 13:59 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 13:59 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 13:59 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 13:59 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 13:59 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 13:59 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:59 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 13:59 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 13:59 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 13:59 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 13:59 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 13:59 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 13:59 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 13:59 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 13:59 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 13:59 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 13:59 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 13:59 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 13:59 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 13:59 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 13:59 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 13:59 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 13:59 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 13:59 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 13:59 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 13:59 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 13:59 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 13:59 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 13:59 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 13:59 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:59 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 13:58 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 13:58 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 19:06 - 2010-10-21 21:09 - 01689840 _____ () C:\Windows\WindowsUpdate.log
2014-12-07 18:46 - 2009-07-14 05:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 18:46 - 2009-07-14 05:45 - 00019056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-07 18:40 - 2013-09-14 11:27 - 00000288 _____ () C:\Windows\Tasks\GlaryInitialize 3.job
2014-12-07 18:39 - 2013-10-02 18:44 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-12-07 18:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-07 17:27 - 2011-05-06 10:53 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{92046EEF-6333-4765-B34B-A061EFA85034}
2014-12-07 17:26 - 2013-12-06 19:54 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-07 17:03 - 2013-11-29 20:10 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-07 17:03 - 2011-05-06 10:58 - 00001137 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-06 21:03 - 2011-11-09 11:54 - 00000000 ____D () C:\Users\Admin\Desktop\obrázky
2014-12-06 20:07 - 2010-10-21 21:47 - 00001654 _____ () C:\Windows\system32\ServiceFilter.ini
2014-12-06 14:12 - 2010-10-21 21:47 - 00002008 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-12-06 11:05 - 2014-06-15 21:47 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-06 11:05 - 2014-06-15 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-06 11:05 - 2014-06-15 21:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-06 10:59 - 2011-11-16 16:01 - 00000000 ____D () C:\Windows\Minidump
2014-12-05 22:15 - 2013-01-07 13:57 - 00000000 ____D () C:\Users\Admin\Desktop\škola
2014-12-05 22:00 - 2013-11-29 20:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 22:00 - 2013-09-23 13:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DiskDefrag
2014-11-28 19:23 - 2009-08-03 21:00 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-11-28 19:23 - 2009-08-03 21:00 - 00146156 _____ () C:\Windows\system32\perfc005.dat
2014-11-28 19:23 - 2009-07-14 06:13 - 01589202 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-25 21:26 - 2013-12-06 19:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 21:26 - 2013-12-06 19:54 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 21:26 - 2011-05-22 10:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-13 04:53 - 2014-06-22 01:10 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:35 - 2014-05-11 02:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:16 - 2011-05-06 16:24 - 00000000 ____D () C:\ProgramData\Microsoft Help

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 00:56

==================== End Of Log ============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Computer slowdown

#12 Post by Márty84 »

But that is not exactly according to the instructions :?:


Let's do it another way


:!: If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally
:arrow: Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator
Select these items (tick their checkboxes): Pro všechny uživatele (for all users), Kontrola na havěť "LOP" (LOP check) and Kontrola na havěť "Purity" (Purity check)
Paste the following text into the bottom window

Code: Select all

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Prohledat (Scan)
After the scan, two logs will be created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).




18.1. due to inactivity :lock: http://forum.viry.cz/viewtopic.php?f=12&t=123975
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

Locked