Logfile of random's system information tool 1.10 (written by random/random)
Run by Rka at 2015-02-27 19:37:55
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 97 GB (38%) free of 254 GB
Total RAM: 2046 MB (17% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:38:28, on 27.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\EXPERTool\TBPANEL.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\program files\savepass\savepass-bg.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ShopperPro\JSDriver\1.30.1.146\jsdrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Rka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LN0ZQ1II\RSIT.exe
C:\Program Files\trend micro\Rka.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CrossriderApp0048292 - {11111111-1111-1111-1111-110411821192} - C:\Program Files\Sense\Sense-bho.dll
O2 - BHO: CrossriderApp0057050 - {11111111-1111-1111-1111-110511701150} - C:\Program Files\SavePass\SavePass-bho.dll
O2 - BHO: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files\PasswordBox\Application\pbbtn.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3954508139-776480016-141318318-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3954508139-776480016-141318318-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files\PasswordBox\pbbtnService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
--
End of file - 8609 bytes
======Scheduled tasks folder======
C:\Windows\tasks\92763219-cd5e-449c-9ee4-e16989e2a0e3-6.job - C:\Program Files\HQ-V1.4\HQ-V1.4-novainstaller.exe /LWHKWVO /IUXMDU='HQ-V1.4' /olRhMk=58362 /KDoZhQ='001553' /qGpeZpKa='0' /STVERlHs='0' /vZBUbBwDF=1E47B492961D4342BC68BBF154553CC3IE /CFPRnblA=f10f07357a89b3ad497013506450e7c8 /PIrxq=1_34_06_10 /yUHiguY=1.34.6.10 /cNhgkFhbB=1403177631 /uNZoBlc=http://stats.datagenserv.com /bRlsqwaSv=http://errors.datagenserv.com /VRYexO=http://js.datagenserv.com /aOPUAuI=ie /FCpROYRj /YIqolsx='nova' /clHaeiIXj=http://js.clientdemocloud.com /NfCTFgQHU='{"asw":[2, 8388609, 0]}' /axTmrUB=task /VIIBIGMYB='http://update.datagenserv.com/novacode/ ... pdate.json' /axTmrUB='task' /NVpEssDCH=''
C:\Windows\tasks\92763219-cd5e-449c-9ee4-e16989e2a0e3-7.job - C:\Program Files\HQ-V1.4\HQ-V1.4-nova.exe /IUXMDU='HQ-V1.4' /olRhMk=58362 /KDoZhQ='001553' /qGpeZpKa='0' /STVERlHs='0' /vZBUbBwDF=1E47B492961D4342BC68BBF154553CC3IE /CFPRnblA=f10f07357a89b3ad497013506450e7c8 /PIrxq=1_34_06_10 /yUHiguY=1.34.6.10 /cNhgkFhbB=1403177631 /uNZoBlc=http://stats.datagenserv.com /bRlsqwaSv=http://errors.datagenserv.com /VRYexO=http://js.datagenserv.com /aOPUAuI=ie /FCpROYRj /YIqolsx='nova' /clHaeiIXj=http://js.clientdemocloud.com /NfCTFgQHU='{"asw":[2, 8388609, 0]}' /VIIBIGMYB='http://update.datagenserv.com/novarun/{ ... pdate.json' /axTmrUB='task' /NVpEssDCH=''
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-1.job - C:\Program Files\SavePass\SavePass-codedownloader.exe /EhDtX /lsWNHJfv=task /BxSDWnLe='SavePass' /LqAWIoT=57050 /oWiqlmZV='001504' /uokac='0' /tngQGBsRr='0' /rTzNWfVE=1E47B492961D4342BC68BBF154553CC3IE /WSMuw=f10f07357a89b3ad497013506450e7c8 /tNHToLnF=1_34_06_10 /QXTPexWA=1.34.6.10 /CdVjuwYo=1402923849 /EqvuSdV=http://stats.datagenserv.com /rAoJpQ=http://errors.datagenserv.com /VgjVj=http://js.datagenserv.com /OeDgJWOPy=ie /URQrKZ=http://js.clientdemocloud.com /RVZymz /vlNeNn='{"asw":[2, 8388609, 0]}' /OCzOzLS='http://update.datagenserv.com/ie_code_a ... pdate.json' /lsWNHJfv='task' /xsvUOyXp=''
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-11.job - C:\Program Files\SavePass\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-11.exe /iQSnZV=
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-4.job - C:\Program Files\SavePass\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-4.exe /pXNVah /BxSDWnLe='SavePass' /queerqrZ='C:\Program Files\SavePass\57050.xpi' /LqAWIoT=57050 /oWiqlmZV='001504' /uokac='0' /tngQGBsRr='0' /rTzNWfVE=1E47B492961D4342BC68BBF154553CC3IE /WSMuw=f10f07357a89b3ad497013506450e7c8 /tNHToLnF=1_34_06_10 /QXTPexWA=1.34.6.10 /CdVjuwYo=1402923849 /EqvuSdV=http://stats.datagenserv.com /rAoJpQ=http://errors.datagenserv.com /POEJZ=300 /CapqCFpJL=587fea1b-1c76-43c0-8b29-3c3da78e2485@2309207e-4ba6-42d8-b8a2-3b0a22e052b5.com /lLOzCN=0.94 /bgxsu=a587fea1b1c7643c08b293c3da78e24852309207e4ba642d8b8a23b0a22e052b5com57050 /XAqpbvAxc=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /57050.rdf /wfjMXrECM='SavePass' /zdUONgYHk='Just Save!' /ImWYGoT='OutBrowse' /OeDgJWOPy=ie /vlNeNn='{"asw":[2, 8388609, 0]}' /RVZymz /ZMLfqPh /uzsZXC /OCzOzLS='http://update.datagenserv.com/ff_agent_ ... pdate.json' /lsWNHJfv='task' /xsvUOyXp=''
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-5.job - C:\Program Files\SavePass\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-5.exe /rawdata=
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-6.job - C:\Program Files\SavePass\SavePass-novainstaller.exe /GHJZrtq /BxSDWnLe='SavePass' /LqAWIoT=57050 /oWiqlmZV='001504' /uokac='0' /tngQGBsRr='0' /rTzNWfVE=1E47B492961D4342BC68BBF154553CC3IE /WSMuw=f10f07357a89b3ad497013506450e7c8 /tNHToLnF=1_34_06_10 /QXTPexWA=1.34.6.10 /CdVjuwYo=1402923849 /EqvuSdV=http://stats.datagenserv.com /rAoJpQ=http://errors.datagenserv.com /VgjVj=http://js.datagenserv.com /OeDgJWOPy=ie /wKXssQQ /RPtnoDVv='nova' /URQrKZ=http://js.clientdemocloud.com /vlNeNn='{"asw":[2, 8388609, 0]}' /lsWNHJfv=task /OCzOzLS='http://update.datagenserv.com/novacode/ ... pdate.json' /lsWNHJfv='task' /xsvUOyXp=''
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\iWebar-chromeinstaller.job - C:\Program Files\iWebar\iWebar-chromeinstaller.exe /installcrx /crxinstalltype=0 /agentregpath='iWebar' /extensionfilepath='C:\Program Files\iWebar\35510.crx' /appid=35510 /srcid='000172' /subid='0' /zdata='eyJkYXRhIjp7ImRhdGUiOiJFMTN4YnUyMCw2N2IzMTY0YS1mMWQ3LTQzNjUtOTEzMy0yNDc5YzhkN2E4YWEsIiwidW5xIjoiNjdiMzE2NGEtZjFkNy00MzY1LTkxMzMtMjQ3OWM4ZDdhOGFhIn19' /bic=76C6E52467724D16864A43532B68BC9BIE /verifier=46aac97eb2d162cc933210ef18a2f5c3 /installerversion=1_32_153 /installerfullversion=1.32.153.0 /installationtime=1388774798 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=cigiagpbkapepgklncnajbakkpkopmam /extensionversion=1.26.201 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHDKymAzH6DbIMa/z/enfBruLbu++92unVHQlhWgxCOpzwxZfimeyLvB4Iis6X4GSuLGqV5tLshFI/2GfRg6FFPUuyJrOdY8uu+WPHO5Ane78Lk6sp3hq6F5/TowT6mXD2k24diTu7JCMPdQO0OzbQs+6xtOqTvU1Y21k0fIE/GQIDAQAB /allusers /allprofiles /runfrom='task' /externallog=''
C:\Windows\tasks\iWebar-codedownloader.job - C:\Program Files\iWebar\iWebar-codedownloader.exe /reinstallapp /agentregpath='iWebar' /appid=35510 /srcid='000172' /subid='0' /zdata='eyJkYXRhIjp7ImRhdGUiOiJFMTN4YnUyMCw2N2IzMTY0YS1mMWQ3LTQzNjUtOTEzMy0yNDc5YzhkN2E4YWEsIiwidW5xIjoiNjdiMzE2NGEtZjFkNy00MzY1LTkxMzMtMjQ3OWM4ZDdhOGFhIn19' /bic=76C6E52467724D16864A43532B68BC9BIE /verifier=46aac97eb2d162cc933210ef18a2f5c3 /installerversion=1_32_153 /installerfullversion=1.32.153.0 /installationtime=1388774798 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /codedownloaddomain=http://app-static.crossrider.com /allusers /runfrom='task' /externallog=''
C:\Windows\tasks\iWebar-firefoxinstaller.job - C:\Program Files\iWebar\iWebar-firefoxinstaller.exe /installxpi /agentregpath='iWebar' /extensionfilepath='C:\Program Files\iWebar\35510.xpi' /appid=35510 /srcid='000172' /subid='0' /zdata='eyJkYXRhIjp7ImRhdGUiOiJFMTN4YnUyMCw2N2IzMTY0YS1mMWQ3LTQzNjUtOTEzMy0yNDc5YzhkN2E4YWEsIiwidW5xIjoiNjdiMzE2NGEtZjFkNy00MzY1LTkxMzMtMjQ3OWM4ZDdhOGFhIn19' /bic=76C6E52467724D16864A43532B68BC9BIE /verifier=46aac97eb2d162cc933210ef18a2f5c3 /installerversion=1_32_153 /installerfullversion=1.32.153.0 /installationtime=1388774798 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com /extensionversion=0.93 /prefsbranch=a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510 /updateurl=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /35510.rdf /extensionname='iWebar' /extensiondesc='iWebar' /publishername='iWebar' /allusers /allprofiles /runfrom='task' /externallog=''
C:\Windows\tasks\iWebar-updater.job - C:\Program Files\iWebar\iWebar-updater.exe /rawdata=
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}]
Sense - C:\Program Files\Sense\Sense-bho.dll [2014-01-03 640512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150}]
SavePass - C:\Program Files\SavePass\SavePass-bho.dll [2014-06-16 556904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DB69B97-934B-451D-94DB-32EF802A01CD}]
PasswordBox Helper - C:\Program Files\PasswordBox\Application\pbbtn.dll [2014-11-29 141832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
Shopper Pro - C:\ProgramData\ShopperPro\ShopperPro.dll [2014-03-27 430440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-01-20 6711840]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-10-15 157480]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-19 1795872]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-10-05 2174976]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-01-23 31087200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Use [2014-01-03 14838]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Use [2014-01-03 14838]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver]
C:\Program Files\ShopperPro\JSDriver\1.30.1.146\jsdrv.exe [2014-03-17 3212648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedItupFree]
C:\Program Files\SpeedItup Free\speeditupfree.exe []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.FICV"=ficvdec_x86.dll
"VIDC.FMVC"=fmcodec.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-02-27 19:37:55 ----D---- C:\rsit
2015-02-27 19:37:55 ----D---- C:\Program Files\trend micro
2015-02-27 19:20:41 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-02-27 19:20:38 ----D---- C:\ProgramData\RogueKiller
2015-02-12 17:30:33 ----A---- C:\Windows\system32\wdi.dll
2015-02-12 17:30:33 ----A---- C:\Windows\system32\powertracker.dll
2015-02-12 17:30:33 ----A---- C:\Windows\system32\perftrack.dll
2015-02-12 17:30:25 ----A---- C:\Windows\system32\win32k.sys
2015-02-12 17:30:22 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-12 17:30:22 ----A---- C:\Windows\system32\sspicli.dll
2015-02-12 17:30:22 ----A---- C:\Windows\system32\secur32.dll
2015-02-12 17:30:22 ----A---- C:\Windows\system32\msobjs.dll
2015-02-12 17:30:22 ----A---- C:\Windows\system32\msaudite.dll
2015-02-12 17:30:22 ----A---- C:\Windows\system32\lsass.exe
2015-02-12 17:30:22 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-12 17:30:22 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-12 17:30:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-12 17:30:22 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-12 17:30:22 ----A---- C:\Windows\system32\auditpol.exe
2015-02-12 17:30:22 ----A---- C:\Windows\system32\adtschema.dll
2015-02-12 17:30:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-12 17:30:11 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-02-12 17:30:08 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-12 17:30:07 ----A---- C:\Windows\system32\invagent.dll
2015-02-12 17:30:07 ----A---- C:\Windows\system32\generaltel.dll
2015-02-12 17:30:07 ----A---- C:\Windows\system32\devinv.dll
2015-02-12 17:30:07 ----A---- C:\Windows\system32\appraiser.dll
2015-02-12 17:30:07 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-12 17:30:07 ----A---- C:\Windows\system32\aepic.dll
2015-02-12 17:30:07 ----A---- C:\Windows\system32\aepdu.dll
2015-02-12 17:30:07 ----A---- C:\Windows\system32\aeinv.dll
2015-02-12 17:30:05 ----A---- C:\Windows\system32\wdigest.dll
2015-02-12 17:30:05 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-12 17:30:05 ----A---- C:\Windows\system32\schannel.dll
2015-02-12 17:30:05 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-12 17:30:05 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-12 17:30:05 ----A---- C:\Windows\system32\kerberos.dll
2015-02-12 17:30:05 ----A---- C:\Windows\system32\credssp.dll
2015-02-12 17:30:03 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 17:30:03 ----A---- C:\Windows\system32\iernonce.dll
2015-02-12 17:30:03 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-12 17:30:03 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-12 17:30:03 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-12 17:30:02 ----A---- C:\Windows\system32\urlmon.dll
2015-02-12 17:30:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 17:30:02 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-12 17:30:02 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-12 17:30:02 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-12 17:30:02 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-12 17:30:02 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-12 17:30:02 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-12 17:30:02 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-12 17:30:01 ----A---- C:\Windows\system32\wininet.dll
2015-02-12 17:30:01 ----A---- C:\Windows\system32\msrating.dll
2015-02-12 17:30:01 ----A---- C:\Windows\system32\iesetup.dll
2015-02-12 17:30:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 17:30:00 ----A---- C:\Windows\system32\ieui.dll
2015-02-12 17:30:00 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-12 17:29:59 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-12 17:29:59 ----A---- C:\Windows\system32\ieframe.dll
2015-02-12 17:29:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-12 17:29:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-12 17:29:58 ----A---- C:\Windows\system32\iertutil.dll
2015-02-12 17:29:57 ----A---- C:\Windows\system32\mshtml.dll
2015-02-12 17:29:56 ----A---- C:\Windows\system32\vbscript.dll
2015-02-12 17:29:56 ----A---- C:\Windows\system32\jscript9.dll
2015-02-12 17:29:09 ----A---- C:\Windows\system32\crypt32.dll
2015-02-12 17:29:08 ----A---- C:\Windows\system32\scesrv.dll
2015-02-12 17:28:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-01-28 15:09:01 ----D---- C:\Program Files\City Interactive
======List of files/folders modified in the last 1 month======
2015-02-27 19:38:00 ----D---- C:\Windows\Temp
2015-02-27 19:37:55 ----D---- C:\Program Files
2015-02-27 19:35:35 ----D---- C:\Users\Rka\AppData\Roaming\Skype
2015-02-27 19:31:30 ----D---- C:\Windows\winsxs
2015-02-27 19:31:25 ----D---- C:\Windows\system32\config
2015-02-27 19:31:23 ----D---- C:\ProgramData\NVIDIA
2015-02-27 19:30:18 ----D---- C:\Windows\system32\drivers
2015-02-27 19:30:18 ----D---- C:\Windows\system32\cs-CZ
2015-02-27 19:30:18 ----D---- C:\Windows\System32
2015-02-27 19:20:38 ----HD---- C:\ProgramData
2015-02-27 19:17:10 ----SHD---- C:\System Volume Information
2015-02-27 19:16:01 ----D---- C:\Windows\system32\Tasks
2015-02-27 19:15:59 ----D---- C:\Windows\Tasks
2015-02-27 19:09:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-27 19:09:04 ----D---- C:\Windows\inf
2015-02-27 19:05:29 ----SHD---- C:\Windows\Installer
2015-02-27 19:05:29 ----D---- C:\ProgramData\Skype
2015-02-27 19:05:26 ----RD---- C:\Program Files\Skype
2015-02-25 15:46:15 ----SD---- C:\Windows\system32\CompatTel
2015-02-25 15:46:15 ----D---- C:\Windows\tracing
2015-02-25 15:46:15 ----D---- C:\Windows\system32\appraiser
2015-02-25 15:46:14 ----D---- C:\Windows\system32\en-US
2015-02-25 15:46:14 ----D---- C:\Program Files\Internet Explorer
2015-02-12 18:53:09 ----D---- C:\Windows\system32\MRT
2015-02-12 18:53:08 ----A---- C:\Windows\system32\MRT.exe
2015-02-12 18:51:50 ----D---- C:\ProgramData\Package Cache
2015-02-12 18:51:41 ----D---- C:\ProgramData\Microsoft Help
2015-02-12 18:50:44 ----D---- C:\Windows\Prefetch
2015-02-12 18:09:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-02-12 17:28:26 ----D---- C:\Windows\system32\catroot2
2015-02-12 17:24:31 ----D---- C:\Users\Ruzicka\AppData\Roaming\Seznam.cz
2015-01-28 14:36:49 ----D---- C:\Program Files\Steam
2015-01-28 14:32:44 ----D---- C:\Program Files\Common Files\Steam
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2014-01-10 25888]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 SPDRIVER_1.30.1.146;SPDRIVER_1.30.1.146; \??\C:\Program Files\ShopperPro\JSDriver\1.30.1.146\jsdrv.sys [2014-03-17 41320]
R2 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-20 2317536]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2014-08-19 162592]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 XSplit_Dummy;XSplit Stream Audio Renderer; C:\Windows\system32\drivers\xspltspk.sys [2014-07-02 22104]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2014-01-10 279712]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2014-07-28 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 670552]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
R2 PasswordBox;PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [2014-05-14 67584]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-12-01 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2014-08-04 5095264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 540968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-16 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-12 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-16 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-12 102912]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-18 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------

Please check: slow PC and ads
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check: slow PC and ads
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Please check: slow PC and ads
So here is the log after the clean:
# AdwCleaner v4.111 - Logfile created 09/03/2015 at 18:30:31
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Rka - RKA-PC
# Running from : C:\Users\Rka\Downloads\adwcleaner_4.111.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Google Chrome v40.0.2214.115
*************************
AdwCleaner[R0].txt - [23118 bytes] - [04/03/2015 18:34:37]
AdwCleaner[R1].txt - [593 bytes] - [09/03/2015 17:08:46]
AdwCleaner[R2].txt - [936 bytes] - [09/03/2015 17:15:45]
AdwCleaner[S0].txt - [21460 bytes] - [04/03/2015 21:44:55]
AdwCleaner[S1].txt - [864 bytes] - [09/03/2015 18:30:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [922 bytes] ##########
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check: slow PC and ads
This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it, copy the text below into the left window and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
:files
C:\Program Files\Sense
C:\Program Files\SavePass
C:\Program Files\PasswordBox\Application\pbbtn.dll
C:\ProgramData\ShopperPro
C:\Windows\tasks\92763219-cd5e-449c-9ee4-e16989e2a0e3-6.job
C:\Program Files\HQ-V1.4
C:\Windows\tasks\92763219-cd5e-449c-9ee4-e16989e2a0e3-7.job
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-1.job
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-11.job
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-4.job
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-5.job
C:\Windows\tasks\b3f7aa08-b9e5-42ed-8a68-4ab013ee21ae-6.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\iWebar-chromeinstaller.job
C:\Program Files\iWebar
C:\Windows\tasks\iWebar-firefoxinstaller.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511701150}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DB69B97-934B-4-51D-94DB-32EF802A01CD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Re: Please check: slow PC and ads
Logfile of random's system information tool 1.10 (written by random/random)
Run by Rcka at 2015-03-12 17:28:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 117 GB (46%) free of 254 GB
Total RAM: 2046 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:24, on 12.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EXPERTool\TBPANEL.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Rcka\Desktop\RSIT.exe
C:\Program Files\trend micro\Rcka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3954508139-776480016-141318318-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3954508139-776480016-141318318-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files\PasswordBox\pbbtnService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
--
End of file - 6969 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Rka\AppData\Roaming\Mozilla\Firefox\Profiles\jgd25mts.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-19 1795872]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 157480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-10-05 2174976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Use [2014-01-03 14838]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Use [2014-01-03 14838]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 157480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-01-20 6711840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2015-01-23 31087200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver]
C:\Program Files\ShopperPro\JSDriver\1.30.1.146\jsdrv.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedItupFree]
C:\Program Files\SpeedItup Free\speeditupfree.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.FICV"=ficvdec_x86.dll
"VIDC.FMVC"=fmcodec.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-03-12 17:18:45 ----D---- C:\_OTM
2015-03-11 13:11:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 13:11:27 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 13:11:27 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 13:11:27 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 13:11:26 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 13:11:26 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 13:11:25 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 13:11:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 13:11:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 13:11:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 13:11:23 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 13:11:23 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 13:11:23 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 13:11:23 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 13:11:22 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 13:11:21 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 13:11:21 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 13:11:21 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 13:11:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 13:11:20 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 13:11:19 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 13:11:19 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 13:11:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 13:11:18 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 13:11:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 13:11:17 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 13:11:16 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 13:11:15 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 13:11:15 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 13:10:26 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 13:10:25 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 13:10:25 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 13:10:25 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 13:10:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 13:10:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 13:10:24 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 13:10:24 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 13:10:24 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 13:10:23 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 13:10:20 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 13:10:20 ----A---- C:\Windows\system32\mf.dll
2015-03-11 13:10:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 13:10:19 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-03-11 13:10:19 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\winload.exe
2015-03-11 13:10:18 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 13:10:18 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 13:10:18 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 13:10:18 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\smss.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\evr.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 13:10:17 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 13:10:17 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 13:10:16 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 13:10:16 ----A---- C:\Windows\system32\mferror.dll
2015-03-10 15:45:37 ----D---- C:\ProgramData\McAfee
2015-03-09 20:33:22 ----D---- C:\Program Files\Mozilla Firefox
2015-03-09 20:07:18 ----D---- C:\Users\Rcka\AppData\Roaming\Mozilla
2015-03-09 20:07:02 ----D---- C:\ProgramData\Mozilla
2015-03-09 20:07:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-09 17:15:13 ----A---- C:\Windows\ntbtlog.txt
2015-03-09 15:56:29 ----D---- C:\Program Files\iPod
2015-03-09 15:56:28 ----D---- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-03-09 15:56:28 ----D---- C:\Program Files\iTunes
2015-03-04 18:34:29 ----D---- C:\AdwCleaner
2015-02-27 19:37:55 ----D---- C:\rsit
2015-02-27 19:37:55 ----D---- C:\Program Files\trend micro
2015-02-27 19:20:41 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-02-27 19:20:38 ----D---- C:\ProgramData\RogueKiller
2015-02-17 16:04:46 ----A---- C:\Windows\system32\FM20.DLL
======List of files/folders modified in the last 1 month======
2015-03-12 17:28:13 ----D---- C:\Windows\Prefetch
2015-03-12 17:25:57 ----D---- C:\Windows\Temp
2015-03-12 17:25:55 ----D---- C:\ProgramData\NVIDIA
2015-03-12 17:24:43 ----D---- C:\Windows\System32
2015-03-12 17:18:50 ----D---- C:\Windows\Tasks
2015-03-12 17:18:50 ----D---- C:\Program Files
2015-03-12 15:58:20 ----D---- C:\Program Files\Steam
2015-03-12 14:13:37 ----D---- C:\Windows\system32\config
2015-03-12 14:02:40 ----D---- C:\Windows\rescache
2015-03-12 12:11:33 ----D---- C:\Windows\winsxs
2015-03-12 12:10:02 ----D---- C:\Windows\system32\en-US
2015-03-12 12:10:02 ----D---- C:\Program Files\Internet Explorer
2015-03-12 12:10:01 ----D---- C:\Windows\system32\drivers
2015-03-12 12:10:01 ----D---- C:\Windows\system32\cs-CZ
2015-03-12 12:09:59 ----D---- C:\Windows\system32\Dism
2015-03-12 12:09:59 ----D---- C:\Program Files\Windows Media Player
2015-03-12 12:09:58 ----D---- C:\Windows\system32\Boot
2015-03-11 21:54:08 ----SHD---- C:\Windows\Installer
2015-03-11 21:54:07 ----D---- C:\ProgramData\Microsoft Help
2015-03-11 21:53:43 ----D---- C:\Windows\system32\MRT
2015-03-11 21:50:10 ----A---- C:\Windows\system32\MRT.exe
2015-03-11 21:48:34 ----SHD---- C:\System Volume Information
2015-03-11 13:08:48 ----D---- C:\Windows\system32\catroot2
2015-03-10 17:51:10 ----D---- C:\Users\Rka\AppData\Roaming\.minecraft
2015-03-10 17:29:33 ----D---- C:\TopCD
2015-03-10 15:48:54 ----HD---- C:\ProgramData
2015-03-10 15:45:36 ----D---- C:\Windows\system32\Tasks
2015-03-10 15:45:36 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-03-09 20:02:22 ----D---- C:\Program Files\Google
2015-03-09 17:15:13 ----D---- C:\Windows
2015-03-09 17:06:14 ----D---- C:\Windows\system32\catroot
2015-03-09 15:56:28 ----D---- C:\Program Files\Common Files\Apple
2015-03-04 18:51:47 ----D---- C:\Users\Rka\AppData\Roaming\Skype
2015-03-04 18:21:55 ----D---- C:\Windows\Minidump
2015-03-04 09:33:28 ----D---- C:\Program Files\Common Files\Steam
2015-02-27 19:09:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-27 19:09:04 ----D---- C:\Windows\inf
2015-02-27 19:05:29 ----D---- C:\ProgramData\Skype
2015-02-27 19:05:26 ----RD---- C:\Program Files\Skype
2015-02-25 15:46:15 ----SD---- C:\Windows\system32\CompatTel
2015-02-25 15:46:15 ----D---- C:\Windows\tracing
2015-02-25 15:46:15 ----D---- C:\Windows\system32\appraiser
2015-02-24 03:23:36 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2014-01-10 25888]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-20 2317536]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2014-08-19 162592]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 XSplit_Dummy;XSplit Stream Audio Renderer; C:\Windows\system32\drivers\xspltspk.sys [2014-07-02 22104]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2014-01-10 279712]
S2 SPDRIVER_1.30.1.146;SPDRIVER_1.30.1.146; \??\C:\Program Files\ShopperPro\JSDriver\1.30.1.146\jsdrv.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2014-07-28 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 670552]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
R2 PasswordBox;PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [2014-05-14 67584]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-12-01 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2014-08-04 5095264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 540968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-09 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-09 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-18 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by Rcka at 2015-03-12 17:28:00
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 117 GB (46%) free of 254 GB
Total RAM: 2046 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:28:24, on 12.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\EXPERTool\TBPANEL.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Rcka\Desktop\RSIT.exe
C:\Program Files\trend micro\Rcka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3954508139-776480016-141318318-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3954508139-776480016-141318318-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PasswordBox - PasswordBox, Inc. - C:\Program Files\PasswordBox\pbbtnService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
--
End of file - 6969 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Rka\AppData\Roaming\Mozilla\Firefox\Profiles\jgd25mts.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2014-08-19 1795872]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 157480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-10-05 2174976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Use [2014-01-03 14838]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Use [2014-01-03 14838]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2015-02-13 157480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-01-20 6711840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2015-01-23 31087200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-01-20 1833504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver]
C:\Program Files\ShopperPro\JSDriver\1.30.1.146\jsdrv.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedItupFree]
C:\Program Files\SpeedItup Free\speeditupfree.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.FICV"=ficvdec_x86.dll
"VIDC.FMVC"=fmcodec.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-03-12 17:18:45 ----D---- C:\_OTM
2015-03-11 13:11:28 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 13:11:27 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 13:11:27 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 13:11:27 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 13:11:26 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 13:11:26 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 13:11:25 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 13:11:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 13:11:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-11 13:11:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-11 13:11:23 ----A---- C:\Windows\system32\urlmon.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-11 13:11:23 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-11 13:11:23 ----A---- C:\Windows\system32\iernonce.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-11 13:11:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-11 13:11:23 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-11 13:11:22 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-11 13:11:21 ----A---- C:\Windows\system32\wininet.dll
2015-03-11 13:11:21 ----A---- C:\Windows\system32\msrating.dll
2015-03-11 13:11:21 ----A---- C:\Windows\system32\iesetup.dll
2015-03-11 13:11:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-11 13:11:20 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-11 13:11:19 ----A---- C:\Windows\system32\ieui.dll
2015-03-11 13:11:19 ----A---- C:\Windows\system32\ieframe.dll
2015-03-11 13:11:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-11 13:11:18 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-11 13:11:17 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-11 13:11:17 ----A---- C:\Windows\system32\iertutil.dll
2015-03-11 13:11:16 ----A---- C:\Windows\system32\mshtml.dll
2015-03-11 13:11:15 ----A---- C:\Windows\system32\vbscript.dll
2015-03-11 13:11:15 ----A---- C:\Windows\system32\jscript9.dll
2015-03-11 13:10:26 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 13:10:25 ----A---- C:\Windows\system32\schannel.dll
2015-03-11 13:10:25 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-11 13:10:25 ----A---- C:\Windows\system32\kerberos.dll
2015-03-11 13:10:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-11 13:10:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-11 13:10:24 ----A---- C:\Windows\system32\wdigest.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\sspicli.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\secur32.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\msobjs.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\msaudite.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\lsass.exe
2015-03-11 13:10:24 ----A---- C:\Windows\system32\credssp.dll
2015-03-11 13:10:24 ----A---- C:\Windows\system32\auditpol.exe
2015-03-11 13:10:24 ----A---- C:\Windows\system32\adtschema.dll
2015-03-11 13:10:23 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 13:10:22 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 13:10:20 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 13:10:20 ----A---- C:\Windows\system32\mf.dll
2015-03-11 13:10:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-11 13:10:19 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-03-11 13:10:19 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\winload.exe
2015-03-11 13:10:18 ----A---- C:\Windows\system32\srcore.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\rstrui.exe
2015-03-11 13:10:18 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 13:10:18 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 13:10:18 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 13:10:18 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\srclient.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\smss.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\evr.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 13:10:17 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 13:10:17 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 13:10:17 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 13:10:17 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-11 13:10:16 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 13:10:16 ----A---- C:\Windows\system32\mferror.dll
2015-03-10 15:45:37 ----D---- C:\ProgramData\McAfee
2015-03-09 20:33:22 ----D---- C:\Program Files\Mozilla Firefox
2015-03-09 20:07:18 ----D---- C:\Users\Rcka\AppData\Roaming\Mozilla
2015-03-09 20:07:02 ----D---- C:\ProgramData\Mozilla
2015-03-09 20:07:02 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-09 17:15:13 ----A---- C:\Windows\ntbtlog.txt
2015-03-09 15:56:29 ----D---- C:\Program Files\iPod
2015-03-09 15:56:28 ----D---- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-03-09 15:56:28 ----D---- C:\Program Files\iTunes
2015-03-04 18:34:29 ----D---- C:\AdwCleaner
2015-02-27 19:37:55 ----D---- C:\rsit
2015-02-27 19:37:55 ----D---- C:\Program Files\trend micro
2015-02-27 19:20:41 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-02-27 19:20:38 ----D---- C:\ProgramData\RogueKiller
2015-02-17 16:04:46 ----A---- C:\Windows\system32\FM20.DLL
======List of files/folders modified in the last 1 month======
2015-03-12 17:28:13 ----D---- C:\Windows\Prefetch
2015-03-12 17:25:57 ----D---- C:\Windows\Temp
2015-03-12 17:25:55 ----D---- C:\ProgramData\NVIDIA
2015-03-12 17:24:43 ----D---- C:\Windows\System32
2015-03-12 17:18:50 ----D---- C:\Windows\Tasks
2015-03-12 17:18:50 ----D---- C:\Program Files
2015-03-12 15:58:20 ----D---- C:\Program Files\Steam
2015-03-12 14:13:37 ----D---- C:\Windows\system32\config
2015-03-12 14:02:40 ----D---- C:\Windows\rescache
2015-03-12 12:11:33 ----D---- C:\Windows\winsxs
2015-03-12 12:10:02 ----D---- C:\Windows\system32\en-US
2015-03-12 12:10:02 ----D---- C:\Program Files\Internet Explorer
2015-03-12 12:10:01 ----D---- C:\Windows\system32\drivers
2015-03-12 12:10:01 ----D---- C:\Windows\system32\cs-CZ
2015-03-12 12:09:59 ----D---- C:\Windows\system32\Dism
2015-03-12 12:09:59 ----D---- C:\Program Files\Windows Media Player
2015-03-12 12:09:58 ----D---- C:\Windows\system32\Boot
2015-03-11 21:54:08 ----SHD---- C:\Windows\Installer
2015-03-11 21:54:07 ----D---- C:\ProgramData\Microsoft Help
2015-03-11 21:53:43 ----D---- C:\Windows\system32\MRT
2015-03-11 21:50:10 ----A---- C:\Windows\system32\MRT.exe
2015-03-11 21:48:34 ----SHD---- C:\System Volume Information
2015-03-11 13:08:48 ----D---- C:\Windows\system32\catroot2
2015-03-10 17:51:10 ----D---- C:\Users\Rka\AppData\Roaming\.minecraft
2015-03-10 17:29:33 ----D---- C:\TopCD
2015-03-10 15:48:54 ----HD---- C:\ProgramData
2015-03-10 15:45:36 ----D---- C:\Windows\system32\Tasks
2015-03-10 15:45:36 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-03-09 20:02:22 ----D---- C:\Program Files\Google
2015-03-09 17:15:13 ----D---- C:\Windows
2015-03-09 17:06:14 ----D---- C:\Windows\system32\catroot
2015-03-09 15:56:28 ----D---- C:\Program Files\Common Files\Apple
2015-03-04 18:51:47 ----D---- C:\Users\Rka\AppData\Roaming\Skype
2015-03-04 18:21:55 ----D---- C:\Windows\Minidump
2015-03-04 09:33:28 ----D---- C:\Program Files\Common Files\Steam
2015-02-27 19:09:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-27 19:09:04 ----D---- C:\Windows\inf
2015-02-27 19:05:29 ----D---- C:\ProgramData\Skype
2015-02-27 19:05:26 ----RD---- C:\Program Files\Skype
2015-02-25 15:46:15 ----SD---- C:\Windows\system32\CompatTel
2015-02-25 15:46:15 ----D---- C:\Windows\tracing
2015-02-25 15:46:15 ----D---- C:\Windows\system32\appraiser
2015-02-24 03:23:36 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2014-01-10 25888]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 TBPanel;TBPanel; C:\Windows\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-20 2317536]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-07-26 41752]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2014-08-19 162592]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
R3 XSplit_Dummy;XSplit Stream Audio Renderer; C:\Windows\system32\drivers\xspltspk.sys [2014-07-02 22104]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2014-01-10 279712]
S2 SPDRIVER_1.30.1.146;SPDRIVER_1.30.1.146; \??\C:\Program Files\ShopperPro\JSDriver\1.30.1.146\jsdrv.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2014-07-28 45056]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 670552]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
R2 PasswordBox;PasswordBox; C:\Program Files\PasswordBox\pbbtnService.exe [2014-05-14 67584]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-12-01 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2014-08-04 5095264]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 1713904]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-02-13 540968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-09 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-03-09 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-09 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-18 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check, slow PC and ads
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check, slow PC and ads
Thank you, the PC is noticeably faster; only Chrome doesn't work even after a reinstall, so I solved that with Firefox. Thanks for the help.
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check, slow PC and ads
Simply reinstalling Chrome on its own won't help. Back it up using ChromeBackup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Then uninstall it, including its profile. Reinstall it and copy back from the backup only the bookmarks, and possibly the passwords.