Please check my log.

#1 Post by dzuus »

I would like to ask for a log check; the PC's speed doesn't seem right to me somehow! Thank you!

Logfile of random's system information tool 1.10 (written by random/random)
Run by dzuus at 2015-01-11 21:41:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (35%) free of 109 GB
Total RAM: 3070 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:41:37, on 11.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\trend micro\dzuus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7734 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=13bf9568-21e6-4069-b975-82742fc90153 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\f39d4919-eedd-452a-b521-ec49096a9c41-14c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
Ati2evxx.exe -Client
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Windows\SOUNDMAN.EXE"
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
taskeng.exe {CFD461BB-AAAA-4E3C-BF0C-5881247B3EFD}
taskeng.exe {8758FFD2-E9E8-4D12-8C25-E3D69E8D5017}
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
ctfmon.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=59054143-0c54-4d4a-a235-fb1f454cbc0e /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\48088101-0d10-4a41-a385-243e4e3b3b31-c54-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart Wireless B109n-z#1403547296" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6fc3b360-99cf-4a8c-b9d9-aac3092699ce -SystemEventPortName:HostProcess-9d71e940-00f7-4d76-92f4-3bba8a7f1f44 -IoCancelEventPortName:HostProcess-b03438ff-a80c-466c-b936-3dd69a5c4479 -NonStateChangingEventPortName:HostProcess-c72a3606-ee10-4901-951e-a30eb7003099 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f869115d-8749-44e0-9b18-8edfcc69d239 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Users\dzuus\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

#2 Post by Rudy »

Hello!
The log is not complete.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

#3 Post by dzuus »

Sorry, hopefully this will be it now!

Logfile of random's system information tool 1.10 (written by random/random)
Run by dzuus at 2015-01-11 22:09:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (35%) free of 109 GB
Total RAM: 3070 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:09:29, on 11.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files\trend micro\dzuus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8105 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2014\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=13bf9568-21e6-4069-b975-82742fc90153 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\f39d4919-eedd-452a-b521-ec49096a9c41-14c-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
Ati2evxx.exe -Client
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgfws.exe"
"C:\Windows\SOUNDMAN.EXE"
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
taskeng.exe {CFD461BB-AAAA-4E3C-BF0C-5881247B3EFD}
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2014\avgemca.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
ctfmon.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=59054143-0c54-4d4a-a235-fb1f454cbc0e /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\48088101-0d10-4a41-a385-243e4e3b3b31-c54-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart Wireless B109n-z#1403547296" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6fc3b360-99cf-4a8c-b9d9-aac3092699ce -SystemEventPortName:HostProcess-9d71e940-00f7-4d76-92f4-3bba8a7f1f44 -IoCancelEventPortName:HostProcess-b03438ff-a80c-466c-b936-3dd69a5c4479 -NonStateChangingEventPortName:HostProcess-c72a3606-ee10-4901-951e-a30eb7003099 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f869115d-8749-44e0-9b18-8edfcc69d239 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=gpu-process --channel="3928.0.309866195\1315912611" --enable-proprietary-media-types-playback --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,39 --gpu-vendor-id=0x1002 --gpu-device-id=0x7280 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.56.1.16 --enable-proprietary-media-types-playback --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3928.3.167363435\479899998" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3928.4.110227464\586880106" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3928.5.310215274\1765332843" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3928.9.1482701487\1117973502" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --with-feature:enhanced-autofill --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3928.10.1703911739\529023397" /prefetch:673131151
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\dzuus\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-09-30 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2013-04-16 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2013-04-16 158208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30873192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe [2013-07-15 28698984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT]
C:\Program Files (x86)\VNT\vntldr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-09-04 2575896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-12-16 5188112]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
""= []
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-10-13 1802048]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-11 17:30:16 ----D---- C:\Program Files\trend micro
2015-01-11 17:30:13 ----D---- C:\rsit
2015-01-11 15:53:46 ----A---- C:\runcheck.txt
2015-01-11 15:53:22 ----D---- C:\zoek_backup
2015-01-11 14:28:57 ----D---- C:\Windows\ERUNT
2015-01-11 00:17:18 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-01-11 00:16:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-11 00:16:36 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-01-11 00:16:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-01-11 00:13:29 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-01-11 00:13:29 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-01-10 23:17:08 ----D---- C:\Users\dzuus\AppData\Roaming\Opera Software
2015-01-10 23:16:16 ----D---- C:\Program Files (x86)\Opera
2015-01-08 23:22:38 ----D---- C:\ProgramData\Apple
2015-01-08 23:21:07 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2015-01-08 23:21:06 ----DC---- C:\Windows\system32\DRVSTORE
2015-01-08 21:54:14 ----D---- C:\ProgramData\bgbeojhnajncocjkbmdmliofpaaanfpo
2015-01-08 13:34:55 ----D---- C:\Program Files (x86)\Intelore
2015-01-01 14:44:35 ----D---- C:\ProgramData\mcmnnopmifabgneopoankmikpmfbanca
2014-12-18 12:50:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 12:50:05 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-18 11:21:40 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-18 11:21:40 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-18 11:21:40 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-18 11:21:40 ----A---- C:\Windows\system32\mferror.dll
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-18 11:21:39 ----A---- C:\Windows\system32\mfps.dll
2014-12-18 11:21:38 ----A---- C:\Windows\system32\mf.dll
2014-12-18 11:19:40 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-18 11:19:40 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-18 11:19:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-18 11:19:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-18 11:19:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-18 11:19:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-18 11:19:29 ----A---- C:\Windows\system32\iernonce.dll
2014-12-18 11:19:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-18 11:19:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-18 11:19:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-18 11:19:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-18 11:19:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-18 11:19:25 ----A---- C:\Windows\system32\urlmon.dll
2014-12-18 11:19:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-18 11:19:24 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-18 11:19:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-18 11:19:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-18 11:19:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-18 11:19:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-18 11:19:23 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-18 11:19:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-18 11:19:21 ----A---- C:\Windows\system32\iesetup.dll
2014-12-18 11:19:21 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-18 11:19:19 ----A---- C:\Windows\system32\iertutil.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-18 11:19:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-18 11:19:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-18 11:19:17 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-18 11:19:16 ----A---- C:\Windows\system32\ieui.dll
2014-12-18 11:19:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-18 11:19:15 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-18 11:19:15 ----A---- C:\Windows\system32\ieframe.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\jscript9.dll
2014-12-18 11:19:13 ----A---- C:\Windows\system32\wininet.dll
2014-12-18 11:19:13 ----A---- C:\Windows\system32\vbscript.dll
2014-12-18 11:19:12 ----A---- C:\Windows\system32\msrating.dll
2014-12-18 11:19:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-18 11:19:11 ----A---- C:\Windows\system32\mshtml.dll
2014-12-18 11:18:55 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-18 11:17:32 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-18 11:17:32 ----A---- C:\Windows\system32\charmap.exe
2014-12-18 11:17:18 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-18 11:17:18 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-18 11:17:10 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-18 11:17:10 ----A---- C:\Windows\system32\tzres.dll
2014-12-15 19:14:53 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS

======List of files/folders modified in the last 1 month======

2015-01-11 22:08:32 ----D---- C:\Windows\Prefetch
2015-01-11 22:06:58 ----D---- C:\Windows\temp
2015-01-11 21:40:09 ----D---- C:\ProgramData\MFAData
2015-01-11 21:38:51 ----D---- C:\Users\dzuus\AppData\Roaming\Skype
2015-01-11 21:08:31 ----D---- C:\Windows\system32\LogFiles
2015-01-11 20:47:40 ----D---- C:\Windows
2015-01-11 20:46:16 ----D---- C:\AdwCleaner
2015-01-11 20:26:25 ----D---- C:\Windows\inf
2015-01-11 20:26:23 ----D---- C:\Windows\SoftwareDistribution
2015-01-11 19:09:41 ----D---- C:\Windows\system32\Tasks
2015-01-11 17:58:46 ----D---- C:\Program Files (x86)\IObit
2015-01-11 17:30:16 ----RD---- C:\Program Files
2015-01-11 16:08:59 ----D---- C:\Program Files (x86)\Google
2015-01-11 15:53:29 ----D---- C:\Windows\SysWOW64
2015-01-11 15:20:06 ----D---- C:\Windows\system32\config
2015-01-11 13:22:10 ----D---- C:\Program Files (x86)\Common Files
2015-01-11 13:22:08 ----D---- C:\ProgramData
2015-01-11 00:57:01 ----RD---- C:\Program Files (x86)
2015-01-11 00:48:35 ----D---- C:\Windows\system32\drivers
2015-01-11 00:16:44 ----D---- C:\Users\dzuus\AppData\Roaming\Malwarebytes
2015-01-11 00:16:36 ----D---- C:\ProgramData\Malwarebytes
2015-01-10 23:43:33 ----A---- C:\Windows\win.ini
2015-01-10 19:45:07 ----SHD---- C:\System Volume Information
2015-01-09 12:36:59 ----D---- C:\Windows\system32\DriverStore
2015-01-09 12:36:19 ----D---- C:\Windows\System32
2015-01-09 12:36:13 ----D---- C:\Windows\system32\catroot
2015-01-09 12:20:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-09 10:06:24 ----SHD---- C:\Windows\Installer
2015-01-09 10:06:23 ----HD---- C:\Config.Msi
2015-01-08 22:05:24 ----D---- C:\Windows\system32\NDF
2015-01-08 13:14:15 ----D---- C:\Windows\system32\catroot2
2015-01-08 10:48:48 ----D---- C:\ProgramData\ProductData
2015-01-08 10:45:49 ----D---- C:\BOOT
2015-01-07 14:44:13 ----D---- C:\ProgramData\IObit
2015-01-07 14:29:58 ----D---- C:\Windows\Tasks
2015-01-06 16:11:30 ----AD---- C:\ProgramData\TEMP
2014-12-31 16:33:44 ----D---- C:\Program Files (x86)\EveryonePiano
2014-12-31 09:24:31 ----D---- C:\Windows\debug
2014-12-18 19:26:40 ----D---- C:\Windows\rescache
2014-12-18 12:51:35 ----D---- C:\Windows\winsxs
2014-12-18 11:44:51 ----D---- C:\Program Files\Internet Explorer
2014-12-18 11:44:49 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-18 11:44:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-18 11:44:47 ----D---- C:\Windows\PolicyDefinitions
2014-12-18 11:44:46 ----D---- C:\Windows\system32\en-US
2014-12-18 11:44:46 ----D---- C:\Windows\system32\cs-CZ
2014-12-18 11:44:44 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-18 11:31:23 ----D---- C:\Windows\system32\MRT
2014-12-18 11:23:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-17 08:46:33 ----D---- C:\ProgramData\Skype
2014-12-17 08:46:19 ----RD---- C:\Program Files (x86)\Skype
2014-12-16 13:51:50 ----D---- C:\Users\dzuus\AppData\Roaming\DAEMON Tools Lite
2014-12-15 19:14:53 ----D---- C:\Windows\SYSWOW64\drivers
2014-12-15 19:03:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-15 19:00:11 ----D---- C:\Users\dzuus\AppData\Roaming\Adobe
2014-12-15 19:00:11 ----D---- C:\ProgramData\Adobe
2014-12-15 19:00:07 ----D---- C:\Program Files (x86)\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-29 123672]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-10-24 237848]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-20 269080]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-20 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-15 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC64.SYS [2009-06-18 3491616]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-01-11 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-11-09 941784]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2014-06-18 2976472]
R3 SaiK8020;SaiK8020; C:\Windows\system32\DRIVERS\SaiK8020.sys [2012-12-04 180584]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2013-04-30 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2013-04-30 52640]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-28 26440]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-28 36936]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S1 avgtp;avgtp; C:\Windows\system32\drivers\avgtp.sys []
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-12 748648]
S3 SaiH075C;SaiH075C; C:\Windows\system32\DRIVERS\SaiH075C.sys [2006-07-27 326784]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2013-03-07 350160]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys []
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-28 16200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 952320]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-12-16 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-12-16 3247120]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-12-16 289328]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-09-30 344896]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30 116648]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-08-19 2282272]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#4 Post by Rudy »

Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

dzuus
Visitor
Posts: 8
Registered: 11 Jan 2015 21:48

Re: Please check my log.

#5 Post by dzuus »

Updated 21/12/2014 by Xplode
# Database : 2015-01-11.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : dzuus - DZUUS-PC
# Running from : C:\Users\dzuus\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Opera v26.0.1656.60

[C:\Users\dzuus\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : edjkooiccbgjhlpfhkknkjhfpmjkmelk
[C:\Users\dzuus\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ekpibplnnkfdcafdpoekhoffegcajene
[C:\Users\dzuus\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : ejddjnilmdncjilbfjgameihlklfpohp
[C:\Users\dzuus\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : eagomcfjiefffhpaejnlpjccikpipdoe
[C:\Users\dzuus\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : dldcbakcjliccckkmfjcblhciilpdcil

*************************

AdwCleaner[R0].txt - [3457 octets] - [23/07/2014 16:04:32]
AdwCleaner[R1].txt - [5699 octets] - [11/01/2015 13:04:59]
AdwCleaner[R2].txt - [5759 octets] - [11/01/2015 13:20:00]
AdwCleaner[R3].txt - [1818 octets] - [11/01/2015 17:54:31]
AdwCleaner[R4].txt - [1292 octets] - [11/01/2015 18:41:31]
AdwCleaner[R5].txt - [3606 octets] - [11/01/2015 20:28:09]
AdwCleaner[R6].txt - [2049 octets] - [11/01/2015 22:46:47]
AdwCleaner[S0].txt - [3492 octets] - [23/07/2014 16:11:06]
AdwCleaner[S1].txt - [5926 octets] - [11/01/2015 13:22:07]
AdwCleaner[S2].txt - [1891 octets] - [11/01/2015 17:58:00]
AdwCleaner[S3].txt - [1356 octets] - [11/01/2015 18:49:30]
AdwCleaner[S4].txt - [3703 octets] - [11/01/2015 20:46:15]
AdwCleaner[S5].txt - [1980 octets] - [11/01/2015 22:51:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [2040 octets] ##########

dzuus
Visitor
Posts: 8
Registered: 11 Jan 2015 21:48

Re: Please check my log.

#6 Post by dzuus »

# AdwCleaner v4.106 - Report created 12/01/2015 at 10:13:39
# Updated 21/12/2014 by Xplode
# Database : 2015-01-11.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : dzuus - DZUUS-PC
# Running from : C:\Users\dzuus\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Opera v26.0.1656.60

[C:\Users\dzuus\AppData\Roaming\Opera Software\Opera Stable\preferences] - Deleted [Extension] : dldcbakcjliccckkmfjcblhciilpdcil

*************************

AdwCleaner[R0].txt - [3457 octets] - [23/07/2014 16:04:32]
AdwCleaner[R1].txt - [5699 octets] - [11/01/2015 13:04:59]
AdwCleaner[R2].txt - [5759 octets] - [11/01/2015 13:20:00]
AdwCleaner[R3].txt - [1818 octets] - [11/01/2015 17:54:31]
AdwCleaner[R4].txt - [1292 octets] - [11/01/2015 18:41:31]
AdwCleaner[R5].txt - [3606 octets] - [11/01/2015 20:28:09]
AdwCleaner[R6].txt - [2049 octets] - [11/01/2015 22:46:47]
AdwCleaner[R7].txt - [1653 octets] - [12/01/2015 10:09:06]
AdwCleaner[S0].txt - [3492 octets] - [23/07/2014 16:11:06]
AdwCleaner[S1].txt - [5926 octets] - [11/01/2015 13:22:07]
AdwCleaner[S2].txt - [1891 octets] - [11/01/2015 17:58:00]
AdwCleaner[S3].txt - [1356 octets] - [11/01/2015 18:49:30]
AdwCleaner[S4].txt - [3703 octets] - [11/01/2015 20:46:15]
AdwCleaner[S5].txt - [2120 octets] - [11/01/2015 22:51:21]
AdwCleaner[S6].txt - [1576 octets] - [12/01/2015 10:13:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1636 octets] ##########

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#7 Post by Rudy »

Post a new log.

dzuus
Visitor
Posts: 8
Registered: 11 Jan 2015 21:48

Re: Please check my log.

#8 Post by dzuus »

# AdwCleaner v4.106 - Report created 12/01/2015 at 20:42:44
# Updated 21/12/2014 by Xplode
# Database : 2015-01-11.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : dzuus - DZUUS-PC
# Running from : C:\Users\dzuus\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Opera v26.0.1656.60


*************************

AdwCleaner[R0].txt - [3457 octets] - [23/07/2014 16:04:32]
AdwCleaner[R1].txt - [5699 octets] - [11/01/2015 13:04:59]
AdwCleaner[R2].txt - [5759 octets] - [11/01/2015 13:20:00]
AdwCleaner[R3].txt - [1818 octets] - [11/01/2015 17:54:31]
AdwCleaner[R4].txt - [1292 octets] - [11/01/2015 18:41:31]
AdwCleaner[R5].txt - [3606 octets] - [11/01/2015 20:28:09]
AdwCleaner[R6].txt - [2049 octets] - [11/01/2015 22:46:47]
AdwCleaner[R7].txt - [1653 octets] - [12/01/2015 10:09:06]
AdwCleaner[R8].txt - [1644 octets] - [12/01/2015 19:01:00]
AdwCleaner[R9].txt - [1704 octets] - [12/01/2015 20:20:07]
AdwCleaner[S0].txt - [3492 octets] - [23/07/2014 16:11:06]
AdwCleaner[S1].txt - [5926 octets] - [11/01/2015 13:22:07]
AdwCleaner[S2].txt - [1891 octets] - [11/01/2015 17:58:00]
AdwCleaner[S3].txt - [1356 octets] - [11/01/2015 18:49:30]
AdwCleaner[S4].txt - [3703 octets] - [11/01/2015 20:46:15]
AdwCleaner[S5].txt - [2120 octets] - [11/01/2015 22:51:21]
AdwCleaner[S6].txt - [1716 octets] - [12/01/2015 10:13:39]
AdwCleaner[S7].txt - [1625 octets] - [12/01/2015 20:42:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1685 octets] ##########

Rudy
Site Admin
Posts: 119679
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#9 Post by Rudy »

Post a new RSIT log.

dzuus
Visitor
Posts: 8
Registered: 11 Jan 2015 21:48

Re: Please check my log.

#10 Post by dzuus »

Logfile of random's system information tool 1.10 (written by random/random)
Run by dzuus at 2015-01-12 21:34:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (35%) free of 109 GB
Total RAM: 3070 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:34:58, on 12.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\trend micro\dzuus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7734 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-5d33-dc4aef4e4925 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
Ati2evxx.exe -Client
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Windows\SOUNDMAN.EXE"
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
taskeng.exe {E640065D-90DB-4296-A131-4E03CCEE194D}
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
ctfmon.exe
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-403a6135-4226-42aa-ac5c-2088f5211605 -SystemEventPortName:HostProcess-5f65a6c9-bf89-4396-a01e-5c02c36c1614 -IoCancelEventPortName:HostProcess-a3de0bad-baa0-4d44-98fd-560bc1316d83 -NonStateChangingEventPortName:HostProcess-047c06fd-3b13-4691-8fec-19cbe26131d9 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f38d6104-1606-40d0-bf3e-dc27ce6b5a85 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart Wireless B109n-z#1403547296" -Startup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
taskeng.exe {51D90707-6308-40C0-8819-F904D9BF3745}
"C:\Users\dzuus\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-09-30 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2013-04-16 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2013-04-16 158208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30873192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe [2013-07-15 28698984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT]
C:\Program Files (x86)\VNT\vntldr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-09-04 2575896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-12-18 3667472]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
""= []
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-10-13 1802048]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-12 19:19:32 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-01-12 19:17:29 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-12 19:17:29 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-01-12 19:17:29 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-01-12 19:17:29 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-01-12 18:24:14 ----D---- C:\Users\dzuus\AppData\Roaming\AVG2015
2015-01-12 18:17:26 ----D---- C:\ProgramData\AVG2015
2015-01-11 17:30:16 ----D---- C:\Program Files\trend micro
2015-01-11 17:30:13 ----D---- C:\rsit
2015-01-11 15:53:46 ----A---- C:\runcheck.txt
2015-01-11 15:53:22 ----D---- C:\zoek_backup
2015-01-11 14:28:57 ----D---- C:\Windows\ERUNT
2015-01-11 00:13:29 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-01-10 23:17:08 ----D---- C:\Users\dzuus\AppData\Roaming\Opera Software
2015-01-10 23:16:16 ----D---- C:\Program Files (x86)\Opera
2015-01-08 23:22:38 ----D---- C:\ProgramData\Apple
2015-01-08 23:21:07 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2015-01-08 23:21:06 ----DC---- C:\Windows\system32\DRVSTORE
2015-01-08 21:54:14 ----D---- C:\ProgramData\bgbeojhnajncocjkbmdmliofpaaanfpo
2015-01-08 13:34:55 ----D---- C:\Program Files (x86)\Intelore
2015-01-01 14:44:35 ----D---- C:\ProgramData\mcmnnopmifabgneopoankmikpmfbanca
2014-12-18 12:50:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 12:50:05 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-18 11:21:40 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-18 11:21:40 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-18 11:21:40 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-18 11:21:40 ----A---- C:\Windows\system32\mferror.dll
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-18 11:21:39 ----A---- C:\Windows\system32\mfps.dll
2014-12-18 11:21:38 ----A---- C:\Windows\system32\mf.dll
2014-12-18 11:19:40 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-18 11:19:40 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-18 11:19:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-18 11:19:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-18 11:19:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-18 11:19:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-18 11:19:29 ----A---- C:\Windows\system32\iernonce.dll
2014-12-18 11:19:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-18 11:19:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-18 11:19:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-18 11:19:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-18 11:19:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-18 11:19:25 ----A---- C:\Windows\system32\urlmon.dll
2014-12-18 11:19:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-18 11:19:24 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-18 11:19:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-18 11:19:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-18 11:19:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-18 11:19:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-18 11:19:23 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-18 11:19:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-18 11:19:21 ----A---- C:\Windows\system32\iesetup.dll
2014-12-18 11:19:21 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-18 11:19:19 ----A---- C:\Windows\system32\iertutil.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-18 11:19:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-18 11:19:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-18 11:19:17 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-18 11:19:16 ----A---- C:\Windows\system32\ieui.dll
2014-12-18 11:19:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-18 11:19:15 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-18 11:19:15 ----A---- C:\Windows\system32\ieframe.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\jscript9.dll
2014-12-18 11:19:13 ----A---- C:\Windows\system32\wininet.dll
2014-12-18 11:19:13 ----A---- C:\Windows\system32\vbscript.dll
2014-12-18 11:19:12 ----A---- C:\Windows\system32\msrating.dll
2014-12-18 11:19:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-18 11:19:11 ----A---- C:\Windows\system32\mshtml.dll
2014-12-18 11:18:55 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-18 11:17:32 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-18 11:17:32 ----A---- C:\Windows\system32\charmap.exe
2014-12-18 11:17:18 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-18 11:17:18 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-18 11:17:10 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-18 11:17:10 ----A---- C:\Windows\system32\tzres.dll
2014-12-15 19:14:53 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS

======List of files/folders modified in the last 1 month======

2015-01-12 21:33:41 ----D---- C:\Windows\temp
2015-01-12 21:33:34 ----D---- C:\Windows\inf
2015-01-12 21:33:32 ----D---- C:\Windows
2015-01-12 21:16:02 ----D---- C:\Users\dzuus\AppData\Roaming\Skype
2015-01-12 21:11:28 ----D---- C:\Windows\Prefetch
2015-01-12 21:06:10 ----D---- C:\ProgramData\MFAData
2015-01-12 20:42:54 ----D---- C:\AdwCleaner
2015-01-12 19:19:32 ----D---- C:\Windows\system32\drivers
2015-01-12 19:17:29 ----RD---- C:\Program Files (x86)
2015-01-12 18:25:24 ----HD---- C:\Config.Msi
2015-01-12 18:25:24 ----D---- C:\ProgramData\AVG2014
2015-01-12 18:23:57 ----SHD---- C:\Windows\Installer
2015-01-12 18:23:51 ----HD---- C:\$AVG
2015-01-12 18:17:26 ----D---- C:\ProgramData
2015-01-12 18:17:11 ----D---- C:\Program Files (x86)\AVG
2015-01-12 16:45:43 ----D---- C:\Users\dzuus\AppData\Roaming\IObit
2015-01-12 16:44:07 ----D---- C:\Windows\SysWOW64
2015-01-12 16:44:07 ----D---- C:\Windows\System32
2015-01-11 21:08:31 ----D---- C:\Windows\system32\LogFiles
2015-01-11 20:26:23 ----D---- C:\Windows\SoftwareDistribution
2015-01-11 19:09:41 ----D---- C:\Windows\system32\Tasks
2015-01-11 17:58:46 ----D---- C:\Program Files (x86)\IObit
2015-01-11 17:30:16 ----RD---- C:\Program Files
2015-01-11 16:08:59 ----D---- C:\Program Files (x86)\Google
2015-01-11 15:20:06 ----D---- C:\Windows\system32\config
2015-01-11 13:22:10 ----D---- C:\Program Files (x86)\Common Files
2015-01-11 00:16:44 ----D---- C:\Users\dzuus\AppData\Roaming\Malwarebytes
2015-01-11 00:16:36 ----D---- C:\ProgramData\Malwarebytes
2015-01-10 23:43:33 ----A---- C:\Windows\win.ini
2015-01-10 19:45:07 ----SHD---- C:\System Volume Information
2015-01-09 12:36:59 ----D---- C:\Windows\system32\DriverStore
2015-01-09 12:36:13 ----D---- C:\Windows\system32\catroot
2015-01-09 12:20:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-08 22:05:24 ----D---- C:\Windows\system32\NDF
2015-01-08 13:14:15 ----D---- C:\Windows\system32\catroot2
2015-01-08 10:48:48 ----D---- C:\ProgramData\ProductData
2015-01-08 10:45:49 ----D---- C:\BOOT
2015-01-07 14:44:13 ----D---- C:\ProgramData\IObit
2015-01-07 14:29:58 ----D---- C:\Windows\Tasks
2015-01-06 16:11:30 ----AD---- C:\ProgramData\TEMP
2014-12-31 16:33:44 ----D---- C:\Program Files (x86)\EveryonePiano
2014-12-31 09:24:31 ----D---- C:\Windows\debug
2014-12-18 19:26:40 ----D---- C:\Windows\rescache
2014-12-18 12:51:35 ----D---- C:\Windows\winsxs
2014-12-18 11:44:51 ----D---- C:\Program Files\Internet Explorer
2014-12-18 11:44:49 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-18 11:44:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-18 11:44:47 ----D---- C:\Windows\PolicyDefinitions
2014-12-18 11:44:46 ----D---- C:\Windows\system32\en-US
2014-12-18 11:44:46 ----D---- C:\Windows\system32\cs-CZ
2014-12-18 11:44:44 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-18 11:31:23 ----D---- C:\Windows\system32\MRT
2014-12-18 11:23:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-17 08:46:33 ----D---- C:\ProgramData\Skype
2014-12-17 08:46:19 ----RD---- C:\Program Files (x86)\Skype
2014-12-16 13:51:50 ----D---- C:\Users\dzuus\AppData\Roaming\DAEMON Tools Lite
2014-12-15 19:14:53 ----D---- C:\Windows\SYSWOW64\drivers
2014-12-15 19:03:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-15 19:00:11 ----D---- C:\Users\dzuus\AppData\Roaming\Adobe
2014-12-15 19:00:11 ----D---- C:\ProgramData\Adobe
2014-12-15 19:00:07 ----D---- C:\Program Files (x86)\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-20 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-15 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC64.SYS [2009-06-18 3491616]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-01-12 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-11-09 941784]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2014-06-18 2976472]
R3 SaiK8020;SaiK8020; C:\Windows\system32\DRIVERS\SaiK8020.sys [2012-12-04 180584]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2013-04-30 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2013-04-30 52640]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-28 26440]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-28 36936]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S1 avgtp;avgtp; C:\Windows\system32\drivers\avgtp.sys []
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-12 748648]
S3 SaiH075C;SaiH075C; C:\Windows\system32\DRIVERS\SaiH075C.sys [2006-07-27 326784]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2013-03-07 350160]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys []
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-28 16200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 952320]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-12-18 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-09-30 344896]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30 116648]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-08-19 2282272]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119679
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#11 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\mcmnnopmifabgneopoankmikpmfbanca
C:\ProgramData\bgbeojhnajncocjkbmdmliofpaaanfpo

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC afterwards. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

dzuus
Visitor
Posts: 8
Joined: 11 Jan 2015 21:48

Re: Please check my log.

#12 Post by dzuus »

Logfile of random's system information tool 1.10 (written by random/random)
Run by dzuus at 2015-01-12 22:11:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (36%) free of 109 GB
Total RAM: 3070 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:46, on 12.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\trend micro\dzuus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7734 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-e686-7e0462b52069 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
Ati2evxx.exe -Client
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
taskeng.exe {8B879BF7-27C8-437D-BDCA-C8988A91EC00}
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
taskeng.exe {83C9E72E-9D37-4DED-A6E5-3450F3D20812}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe" /STARTUP
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-439037d1-05a0-4c94-90e3-a87db554278e -SystemEventPortName:HostProcess-04079963-ef8a-4462-b795-44d6c9bcf4f1 -IoCancelEventPortName:HostProcess-0fa7b553-0e1e-402f-8d27-35841c02ab6f -NonStateChangingEventPortName:HostProcess-ce6daa61-dd28-459e-8fdd-8fec443afdf4 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fdcaa414-4668-4db3-8131-8a516a310576 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\SOUNDMAN.EXE"
"C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
ctfmon.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Photosmart Wireless B109n-z#1403547296" -Startup
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Users\dzuus\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-09-30 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]
"ProfilerU"=C:\Program Files\SmartTechnology\Software\ProfilerU.exe [2013-04-16 454144]
"SaiMfd"=C:\Program Files\SmartTechnology\Software\SaiMfd.exe [2013-04-16 158208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30873192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\dzuus\AppData\Roaming\ICQM\icq.exe [2013-07-15 28698984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VNT]
C:\Program Files (x86)\VNT\vntldr.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2014-09-04 2575896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UnlockerAssistant"=C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-12-18 3667472]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
""= []
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2014-10-13 1802048]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-01-12 21:54:54 ----D---- C:\_OTM
2015-01-12 19:19:32 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-01-12 19:17:29 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-12 19:17:29 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-01-12 19:17:29 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-01-12 19:17:29 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-01-12 18:24:14 ----D---- C:\Users\dzuus\AppData\Roaming\AVG2015
2015-01-12 18:17:26 ----D---- C:\ProgramData\AVG2015
2015-01-11 17:30:16 ----D---- C:\Program Files\trend micro
2015-01-11 17:30:13 ----D---- C:\rsit
2015-01-11 15:53:46 ----A---- C:\runcheck.txt
2015-01-11 15:53:22 ----D---- C:\zoek_backup
2015-01-11 14:28:57 ----D---- C:\Windows\ERUNT
2015-01-11 00:13:29 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-01-10 23:17:08 ----D---- C:\Users\dzuus\AppData\Roaming\Opera Software
2015-01-10 23:16:16 ----D---- C:\Program Files (x86)\Opera
2015-01-08 23:22:38 ----D---- C:\ProgramData\Apple
2015-01-08 23:21:07 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2015-01-08 23:21:06 ----DC---- C:\Windows\system32\DRVSTORE
2015-01-08 13:34:55 ----D---- C:\Program Files (x86)\Intelore
2014-12-18 12:50:05 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-12-18 12:50:05 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-18 11:21:40 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-12-18 11:21:40 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-18 11:21:40 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-18 11:21:40 ----A---- C:\Windows\system32\mferror.dll
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-12-18 11:21:39 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-12-18 11:21:39 ----A---- C:\Windows\system32\mfps.dll
2014-12-18 11:21:38 ----A---- C:\Windows\system32\mf.dll
2014-12-18 11:19:40 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-18 11:19:40 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-18 11:19:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-12-18 11:19:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-18 11:19:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-18 11:19:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-18 11:19:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-18 11:19:29 ----A---- C:\Windows\system32\iernonce.dll
2014-12-18 11:19:29 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-18 11:19:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-18 11:19:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-18 11:19:27 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-18 11:19:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-18 11:19:25 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-12-18 11:19:25 ----A---- C:\Windows\system32\urlmon.dll
2014-12-18 11:19:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-12-18 11:19:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-18 11:19:24 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-18 11:19:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-12-18 11:19:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-18 11:19:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-18 11:19:23 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-18 11:19:23 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-18 11:19:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-18 11:19:21 ----A---- C:\Windows\system32\iesetup.dll
2014-12-18 11:19:21 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-18 11:19:19 ----A---- C:\Windows\system32\iertutil.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-12-18 11:19:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-18 11:19:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-18 11:19:17 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-12-18 11:19:17 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-18 11:19:16 ----A---- C:\Windows\system32\ieui.dll
2014-12-18 11:19:16 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-18 11:19:15 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-18 11:19:15 ----A---- C:\Windows\system32\ieframe.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-18 11:19:14 ----A---- C:\Windows\system32\jscript9.dll
2014-12-18 11:19:13 ----A---- C:\Windows\system32\wininet.dll
2014-12-18 11:19:13 ----A---- C:\Windows\system32\vbscript.dll
2014-12-18 11:19:12 ----A---- C:\Windows\system32\msrating.dll
2014-12-18 11:19:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-18 11:19:11 ----A---- C:\Windows\system32\mshtml.dll
2014-12-18 11:18:55 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-18 11:17:32 ----A---- C:\Windows\SYSWOW64\charmap.exe
2014-12-18 11:17:32 ----A---- C:\Windows\system32\charmap.exe
2014-12-18 11:17:18 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-18 11:17:18 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-18 11:17:17 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-18 11:17:17 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-18 11:17:10 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-12-18 11:17:10 ----A---- C:\Windows\system32\tzres.dll
2014-12-15 19:14:53 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS

======List of files/folders modified in the last 1 month======

2015-01-12 22:09:19 ----D---- C:\Windows\temp
2015-01-12 22:04:52 ----D---- C:\Users\dzuus\AppData\Roaming\Skype
2015-01-12 21:54:56 ----D---- C:\ProgramData
2015-01-12 21:54:55 ----D---- C:\Windows\Tasks
2015-01-12 21:54:21 ----D---- C:\Windows\Prefetch
2015-01-12 21:53:56 ----D---- C:\Windows
2015-01-12 21:36:00 ----D---- C:\ProgramData\MFAData
2015-01-12 21:33:34 ----D---- C:\Windows\inf
2015-01-12 20:42:54 ----D---- C:\AdwCleaner
2015-01-12 19:19:32 ----D---- C:\Windows\system32\drivers
2015-01-12 19:17:29 ----RD---- C:\Program Files (x86)
2015-01-12 18:25:24 ----HD---- C:\Config.Msi
2015-01-12 18:25:24 ----D---- C:\ProgramData\AVG2014
2015-01-12 18:23:57 ----SHD---- C:\Windows\Installer
2015-01-12 18:23:51 ----HD---- C:\$AVG
2015-01-12 18:17:11 ----D---- C:\Program Files (x86)\AVG
2015-01-12 16:45:43 ----D---- C:\Users\dzuus\AppData\Roaming\IObit
2015-01-12 16:44:07 ----D---- C:\Windows\SysWOW64
2015-01-12 16:44:07 ----D---- C:\Windows\System32
2015-01-11 21:08:31 ----D---- C:\Windows\system32\LogFiles
2015-01-11 20:26:23 ----D---- C:\Windows\SoftwareDistribution
2015-01-11 19:09:41 ----D---- C:\Windows\system32\Tasks
2015-01-11 17:58:46 ----D---- C:\Program Files (x86)\IObit
2015-01-11 17:30:16 ----RD---- C:\Program Files
2015-01-11 16:08:59 ----D---- C:\Program Files (x86)\Google
2015-01-11 15:20:06 ----D---- C:\Windows\system32\config
2015-01-11 13:22:10 ----D---- C:\Program Files (x86)\Common Files
2015-01-11 00:16:44 ----D---- C:\Users\dzuus\AppData\Roaming\Malwarebytes
2015-01-11 00:16:36 ----D---- C:\ProgramData\Malwarebytes
2015-01-10 23:43:33 ----A---- C:\Windows\win.ini
2015-01-10 19:45:07 ----SHD---- C:\System Volume Information
2015-01-09 12:36:59 ----D---- C:\Windows\system32\DriverStore
2015-01-09 12:36:13 ----D---- C:\Windows\system32\catroot
2015-01-09 12:20:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-08 22:05:24 ----D---- C:\Windows\system32\NDF
2015-01-08 13:14:15 ----D---- C:\Windows\system32\catroot2
2015-01-08 10:48:48 ----D---- C:\ProgramData\ProductData
2015-01-08 10:45:49 ----D---- C:\BOOT
2015-01-07 14:44:13 ----D---- C:\ProgramData\IObit
2015-01-06 16:11:30 ----AD---- C:\ProgramData\TEMP
2014-12-31 16:33:44 ----D---- C:\Program Files (x86)\EveryonePiano
2014-12-31 09:24:31 ----D---- C:\Windows\debug
2014-12-18 19:26:40 ----D---- C:\Windows\rescache
2014-12-18 12:51:35 ----D---- C:\Windows\winsxs
2014-12-18 11:44:51 ----D---- C:\Program Files\Internet Explorer
2014-12-18 11:44:49 ----D---- C:\Windows\SYSWOW64\en-US
2014-12-18 11:44:49 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-18 11:44:47 ----D---- C:\Windows\PolicyDefinitions
2014-12-18 11:44:46 ----D---- C:\Windows\system32\en-US
2014-12-18 11:44:46 ----D---- C:\Windows\system32\cs-CZ
2014-12-18 11:44:44 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-18 11:31:23 ----D---- C:\Windows\system32\MRT
2014-12-18 11:23:46 ----A---- C:\Windows\system32\MRT.exe
2014-12-17 08:46:33 ----D---- C:\ProgramData\Skype
2014-12-17 08:46:19 ----RD---- C:\Program Files (x86)\Skype
2014-12-16 13:51:50 ----D---- C:\Users\dzuus\AppData\Roaming\DAEMON Tools Lite
2014-12-15 19:14:53 ----D---- C:\Windows\SYSWOW64\drivers
2014-12-15 19:03:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-15 19:00:11 ----D---- C:\Users\dzuus\AppData\Roaming\Adobe
2014-12-15 19:00:11 ----D---- C:\ProgramData\Adobe
2014-12-15 19:00:07 ----D---- C:\Program Files (x86)\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 21184]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2014-10-10 274200]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-20 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-15 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC64.SYS [2009-06-18 3491616]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-03-23 23048]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-01-12 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2013-11-19 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-11-09 941784]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2014-06-18 2976472]
R3 SaiK8020;SaiK8020; C:\Windows\system32\DRIVERS\SaiK8020.sys [2012-12-04 180584]
R3 SaiMini;SaiMini; C:\Windows\system32\DRIVERS\SaiMini.sys [2013-04-30 25120]
R3 SaiNtBus;SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [2013-04-30 52640]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2013-11-19 23016]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-28 26440]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-28 36936]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S1 avgtp;avgtp; C:\Windows\system32\drivers\avgtp.sys []
S3 ATITool;ATITool Overclocking Utility; C:\Windows\system32\DRIVERS\ATITool64.sys [2006-11-10 30720]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-12 748648]
S3 SaiH075C;SaiH075C; C:\Windows\system32\DRIVERS\SaiH075C.sys [2006-07-27 326784]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2013-03-07 350160]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys []
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-28 16200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2010-02-11 952320]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-12-18 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2014-09-30 344896]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30 116648]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-08-19 2282272]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-30 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-06 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119679
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#13 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. I recommend uninstalling IOBit. Reason: http://forum.viry.cz/viewtopic.php?f=14 ... ilit=iobit .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

dzuus
Visitor
Posts: 8
Joined: 11 Jan 2015 21:48

Re: Please check my log.

#14 Post by dzuus »

So, cleaned and uninstalled, it's a lot better right away, thanks a lot and good luck, thanks, take care!!!!!

Rudy
Site Admin
Posts: 119679
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#15 Post by Rudy »

You too, and you're welcome! :)

Locked