
Virus removal, PC speed-up, and remote help through the neslape.cz service
Requesting a PC check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Good evening, I would like to ask for a thorough check of my PC. I have the feeling that the PC is not working OK: pages load slowly, it is terribly loud... etc.
Thanks in advance,
Logfile of random's system information tool 1.10 (written by random/random)
Run by GLADEE LTD at 2015-03-21 19:35:25
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 40 GB (17%) free of 230 GB
Total RAM: 2046 MB (7% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:55, on 21/03/2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Glary Utilities 5\Integrator.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\GLADEE LTD\Downloads\RSIT.exe
C:\Program Files\trend micro\GLADEE LTD.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - (no file)
O2 - BHO: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4160401380-2986599317-1667886896-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [] OSK.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] OSK.exe (User 'Default user')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - https://www.windowsvistatestdrive.com/m ... lient1.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\Software\..\Telephony: DomainName = marosbochin
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS7\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS8\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS9\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS10\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS11\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS12\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS13\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS14\Services\Tcpip\Parameters: Domain = marosbochin
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 13910 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GlaryInitialize 5.job - C:\Program Files\Glary Utilities 5\Initialize.exe
C:\Windows\tasks\GlaryOneClickOptimizer 5.job - C:\Program Files\Glary Utilities 5\OneClickMaintenance.exe /schedulestart
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\User_Feed_Synchronization-{45EB8DA7-6D98-4184-8613-F6D3DEC996BA}.job - C:\Windows\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Users\GLADEE LTD\AppData\Roaming\Mozilla\Firefox\Profiles\voavuaed.default-1425142728049
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
AskSearch.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
npbittorrent.dll
npdeploytk.dll
npDivxPlayerPlugin.dll
npnul32.dll
NPOFF12.DLL
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nsIDivxPlayerPlugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Toolbar Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Windows\WebIE.dll [2008-11-28 491520]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe []
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2009-02-27 38768]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2009-02-27 640376]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-10 67488]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5088456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2007-03-07 44168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"GUDelayStartup"=C:\Program Files\Glary Utilities 5\StartupManager.exe [2015-02-12 37152]
"uTorrent"=C:\Users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe [2015-02-25 1740880]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [2015-02-15 960688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"=C:\Windows\system32\Wshxt.dll [2009-03-05 53248]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.tscc"=C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Program Files\Photomania Deluxe\photomania.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-03-21 19:35:27 ----D---- C:\Program Files\trend micro
2015-03-21 19:35:25 ----D---- C:\rsit
2015-03-07 22:46:26 ----D---- C:\Program Files\Mozilla Firefox
2015-02-26 11:31:41 ----ASH---- C:\hiberfil.sys
2015-02-26 11:18:33 ----D---- C:\Program Files\ESET
2015-02-26 10:11:42 ----SHD---- C:\found.000
2015-02-26 09:59:07 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\WinRAR
2015-02-26 08:21:07 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\NVIDIA
2015-02-26 00:27:57 ----D---- C:\Program Files\Common Files\DivX Shared
2015-02-24 23:09:09 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\Hewlett-Packard
2015-02-24 22:42:08 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\TeamViewer
2015-02-23 21:41:24 ----D---- C:\ProgramData\AOL
2015-02-23 21:41:22 ----D---- C:\Program Files\Common Files\AOL
2015-02-23 21:40:40 ----HD---- C:\TEMP
2015-02-23 21:40:37 ----D---- C:\Program Files\AOL
2015-02-22 08:44:38 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\Apple Computer
2015-02-22 08:43:14 ----D---- C:\Program Files\iPod
2015-02-22 08:43:13 ----D---- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-02-22 08:43:12 ----D---- C:\ProgramData\Apple Computer
2015-02-22 08:43:12 ----D---- C:\Program Files\iTunes
2015-02-22 08:41:43 ----D---- C:\Program Files\Apple Software Update
2015-02-22 08:38:30 ----D---- C:\Program Files\Bonjour
2015-02-22 08:38:00 ----D---- C:\ProgramData\Apple
2015-02-22 08:38:00 ----D---- C:\Program Files\Common Files\Apple
======List of files/folders modified in the last 1 month======
2015-03-21 19:35:55 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\uTorrent
2015-03-21 19:35:36 ----HD---- C:\Windows\Temp
2015-03-21 19:35:27 ----RD---- C:\Program Files
2015-03-21 19:18:57 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\BrowserExtensions
2015-03-21 17:29:17 ----D---- C:\Windows\System32
2015-03-21 17:29:17 ----D---- C:\Windows\inf
2015-03-21 17:29:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-21 17:25:07 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\vlc
2015-03-21 16:39:33 ----D---- C:\Program Files\Glary Utilities 5
2015-03-21 16:38:45 ----D---- C:\Windows\SMINST
2015-03-21 16:38:03 ----D---- C:\Windows\winsxs
2015-03-20 08:29:23 ----SHD---- C:\System Volume Information
2015-03-14 21:32:31 ----SD---- C:\Users\GLADEE LTD\AppData\Roaming\Microsoft
2015-03-12 08:32:27 ----D---- C:\Windows\system32\catroot2
2015-03-12 08:19:56 ----D---- C:\Windows\Prefetch
2015-03-10 22:19:15 ----D---- C:\Windows\system32\catroot
2015-03-10 22:18:59 ----SHD---- C:\Windows\Installer
2015-03-10 22:18:58 ----D---- C:\ProgramData\Microsoft Help
2015-03-10 22:11:16 ----D---- C:\Windows\system32\MRT
2015-03-10 22:00:52 ----D---- C:\Windows\Debug
2015-03-10 22:00:47 ----A---- C:\Windows\system32\mrt.exe
2015-03-10 08:22:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-03 19:32:44 ----D---- C:\WINDOWS
2015-02-28 14:25:55 ----HD---- C:\ProgramData
2015-02-28 13:15:31 ----D---- C:\Program Files\CCleaner
2015-02-28 12:21:34 ----D---- C:\Program Files\DivX
2015-02-28 12:20:28 ----D---- C:\ProgramData\DivX
2015-02-27 20:29:09 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\Dropbox
2015-02-26 11:24:38 ----D---- C:\Windows\system32\drivers
2015-02-26 10:39:34 ----D---- C:\ProgramData\AVAST Software
2015-02-26 10:33:46 ----SD---- C:\Windows\system32\Microsoft
2015-02-26 08:21:01 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\DivX
2015-02-26 00:27:57 ----D---- C:\Program Files\Common Files
2015-02-25 23:02:27 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-02-25 22:05:52 ----D---- C:\Windows\Minidump
2015-02-25 22:05:52 ----D---- C:\Windows\Logs
2015-02-25 18:50:35 ----D---- C:\Windows\Tasks
2015-02-24 23:09:44 ----D---- C:\Windows\system32\Tasks
2015-02-24 22:27:45 ----D---- C:\Windows\system32\WDI
2015-02-24 04:23:36 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-23 22:33:00 ----D---- C:\Windows\system32\Msdtc
2015-02-23 22:32:54 ----D---- C:\Windows\system32\wbem
2015-02-23 22:32:04 ----D---- C:\Windows\system32\config
2015-02-23 22:31:33 ----D---- C:\Windows\system32\en-US
2015-02-23 22:31:32 ----D---- C:\Windows\system32\zh-HK
2015-02-23 22:31:31 ----D---- C:\Windows\system32\zh-CN
2015-02-23 22:31:31 ----D---- C:\Windows\system32\XPSViewer
2015-02-23 22:31:31 ----D---- C:\Windows\system32\spool
2015-02-23 22:31:31 ----D---- C:\Windows\system32\SMI
2015-02-23 22:31:30 ----D---- C:\Windows\system32\es-ES
2015-02-23 22:31:30 ----D---- C:\Windows\system32\drivers\UMDF
2015-02-23 22:31:29 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-23 22:30:52 ----D---- C:\Windows\registration
2015-02-23 10:18:15 ----RSD---- C:\Windows\assembly
2015-02-23 10:18:15 ----D---- C:\Windows\Microsoft.NET
2015-02-22 08:44:17 ----DC---- C:\Windows\system32\DRVSTORE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2008-06-02 305688]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-05-16 43528]
R0 SCMNdisP;General NDIS Protocol Driver; C:\Windows\system32\DRIVERS\scmndisp.sys [2007-01-19 21728]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-01 691696]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 191928]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-08-18 371248]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 135296]
R1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2015-02-19 17344]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080829.001\IDSvix86.sys [2008-06-03 261680]
R1 RawDisk3;RawDisk3; \??\C:\Windows\system32\drivers\rawdsk3.sys [2014-08-12 28256]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 123424]
R3 3xHybrid;ASUSTek SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-01-26 2831232]
R3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-11 2324512]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-03-07 11407680]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-07-04 123952]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 bfturboh;BUFFALO TurboUSB for HD Filter; C:\Windows\system32\drivers\bfturboh.sys [2008-02-12 17152]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-08-18 99376]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.036\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.036\NAVEX15.SYS []
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\Windows\system32\DRIVERS\wg111v2.sys [2007-12-26 288768]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys []
S3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 SecureLockWare_EncryptFilterDriver;SecureLockWare Encryption Filter driver; C:\Windows\SYSTEM32\DRIVERS\ENCRFIL.SYS []
S4 SecureLockWare_EncryptFilterDriver2;SecureLockWare Encryption Filter driver Ver.2; C:\Windows\SYSTEM32\DRIVERS\SLWFIL.SYS []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2014-10-01 1349576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-03-06 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-07 2458944]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-15 116648]
S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
S2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-05 47712]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-25 267440]
S3 AlertService;Intel(R) Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-30 651720]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-15 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-17 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ISSM;Intel(R) Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264]
S3 M1 Server;Intel(R) Viiv(TM) Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-09-01 26624]
S3 MCLServiceATL;Intel(R) Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-07 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Remote UI Service;Intel(R) Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Thanks in advance,
Logfile of random's system information tool 1.10 (written by random/random)
Run by GLADEE LTD at 2015-03-21 19:35:25
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 40 GB (17%) free of 230 GB
Total RAM: 2046 MB (7% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:55, on 21/03/2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Glary Utilities 5\Integrator.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\GLADEE LTD\Downloads\RSIT.exe
C:\Program Files\trend micro\GLADEE LTD.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - (no file)
O2 - BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - (no file)
O2 - BHO: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file)
O3 - Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4160401380-2986599317-1667886896-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [] OSK.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [] OSK.exe (User 'Default user')
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} - https://www.windowsvistatestdrive.com/m ... lient1.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\Software\..\Telephony: DomainName = marosbochin
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS5\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS6\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS7\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS8\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS9\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS10\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS11\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS12\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS13\Services\Tcpip\Parameters: Domain = marosbochin
O17 - HKLM\System\CS14\Services\Tcpip\Parameters: Domain = marosbochin
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 13910 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ad-Aware Update (Weekly).job - C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GlaryInitialize 5.job - C:\Program Files\Glary Utilities 5\Initialize.exe
C:\Windows\tasks\GlaryOneClickOptimizer 5.job - C:\Program Files\Glary Utilities 5\OneClickMaintenance.exe /schedulestart
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\User_Feed_Synchronization-{45EB8DA7-6D98-4184-8613-F6D3DEC996BA}.job - C:\Windows\system32\msfeedssync.exe sync
=========Mozilla firefox=========
ProfilePath - C:\Users\GLADEE LTD\AppData\Roaming\Mozilla\Firefox\Profiles\voavuaed.default-1425142728049
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571]
"Description"=RealMedia Plugin
"Path"=C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2629]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
C:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
AskSearch.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsIBitCometAgent.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npBitCometAgent.dll
npbittorrent.dll
npdeploytk.dll
npDivxPlayerPlugin.dll
npnul32.dll
NPOFF12.DLL
nppdf32.DEU
nppdf32.dll
nppdf32.FRA
nsIDivxPlayerPlugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Toolbar Helper
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Windows\WebIE.dll [2008-11-28 491520]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01 1144072]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03 194504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe []
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2009-02-27 38768]
""= []
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2009-02-27 640376]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-10 67488]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5088456]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2007-03-07 44168]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"GUDelayStartup"=C:\Program Files\Glary Utilities 5\StartupManager.exe [2015-02-12 37152]
"uTorrent"=C:\Users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe [2015-02-25 1740880]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [2015-02-15 960688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"=C:\Windows\system32\Wshxt.dll [2009-03-05 53248]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"vidc.tscc"=C:\PROGRA~1\MpcStar\Codecs\tscc\tsccvid.dll
"msacm.voxacm160"=vct3216.acm
"msacm.scg726"=scg726.acm
"msacm.alf2cd"=alf2cd.acm
"msacm.ac3acm"=AC3ACM.acm
"vidc.dvsd"=mcdvd_32.dll
"vidc.mpg4"=mpg4c32.dll
"vidc.mp42"=mpg4c32.dll
"vidc.mp43"=mpg4c32.dll
"vidc.xvid"=xvidvfw.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP62"=vp6vfw.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.siren"=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Program Files\Photomania Deluxe\photomania.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-03-21 19:35:27 ----D---- C:\Program Files\trend micro
2015-03-21 19:35:25 ----D---- C:\rsit
2015-03-07 22:46:26 ----D---- C:\Program Files\Mozilla Firefox
2015-02-26 11:31:41 ----ASH---- C:\hiberfil.sys
2015-02-26 11:18:33 ----D---- C:\Program Files\ESET
2015-02-26 10:11:42 ----SHD---- C:\found.000
2015-02-26 09:59:07 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\WinRAR
2015-02-26 08:21:07 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\NVIDIA
2015-02-26 00:27:57 ----D---- C:\Program Files\Common Files\DivX Shared
2015-02-24 23:09:09 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\Hewlett-Packard
2015-02-24 22:42:08 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\TeamViewer
2015-02-23 21:41:24 ----D---- C:\ProgramData\AOL
2015-02-23 21:41:22 ----D---- C:\Program Files\Common Files\AOL
2015-02-23 21:40:40 ----HD---- C:\TEMP
2015-02-23 21:40:37 ----D---- C:\Program Files\AOL
2015-02-22 08:44:38 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\Apple Computer
2015-02-22 08:43:14 ----D---- C:\Program Files\iPod
2015-02-22 08:43:13 ----D---- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-02-22 08:43:12 ----D---- C:\ProgramData\Apple Computer
2015-02-22 08:43:12 ----D---- C:\Program Files\iTunes
2015-02-22 08:41:43 ----D---- C:\Program Files\Apple Software Update
2015-02-22 08:38:30 ----D---- C:\Program Files\Bonjour
2015-02-22 08:38:00 ----D---- C:\ProgramData\Apple
2015-02-22 08:38:00 ----D---- C:\Program Files\Common Files\Apple
======List of files/folders modified in the last 1 month======
2015-03-21 19:35:55 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\uTorrent
2015-03-21 19:35:36 ----HD---- C:\Windows\Temp
2015-03-21 19:35:27 ----RD---- C:\Program Files
2015-03-21 19:18:57 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\BrowserExtensions
2015-03-21 17:29:17 ----D---- C:\Windows\System32
2015-03-21 17:29:17 ----D---- C:\Windows\inf
2015-03-21 17:29:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-21 17:25:07 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\vlc
2015-03-21 16:39:33 ----D---- C:\Program Files\Glary Utilities 5
2015-03-21 16:38:45 ----D---- C:\Windows\SMINST
2015-03-21 16:38:03 ----D---- C:\Windows\winsxs
2015-03-20 08:29:23 ----SHD---- C:\System Volume Information
2015-03-14 21:32:31 ----SD---- C:\Users\GLADEE LTD\AppData\Roaming\Microsoft
2015-03-12 08:32:27 ----D---- C:\Windows\system32\catroot2
2015-03-12 08:19:56 ----D---- C:\Windows\Prefetch
2015-03-10 22:19:15 ----D---- C:\Windows\system32\catroot
2015-03-10 22:18:59 ----SHD---- C:\Windows\Installer
2015-03-10 22:18:58 ----D---- C:\ProgramData\Microsoft Help
2015-03-10 22:11:16 ----D---- C:\Windows\system32\MRT
2015-03-10 22:00:52 ----D---- C:\Windows\Debug
2015-03-10 22:00:47 ----A---- C:\Windows\system32\mrt.exe
2015-03-10 08:22:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-03 19:32:44 ----D---- C:\WINDOWS
2015-02-28 14:25:55 ----HD---- C:\ProgramData
2015-02-28 13:15:31 ----D---- C:\Program Files\CCleaner
2015-02-28 12:21:34 ----D---- C:\Program Files\DivX
2015-02-28 12:20:28 ----D---- C:\ProgramData\DivX
2015-02-27 20:29:09 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\Dropbox
2015-02-26 11:24:38 ----D---- C:\Windows\system32\drivers
2015-02-26 10:39:34 ----D---- C:\ProgramData\AVAST Software
2015-02-26 10:33:46 ----SD---- C:\Windows\system32\Microsoft
2015-02-26 08:21:01 ----D---- C:\Users\GLADEE LTD\AppData\Roaming\DivX
2015-02-26 00:27:57 ----D---- C:\Program Files\Common Files
2015-02-25 23:02:27 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-02-25 22:05:52 ----D---- C:\Windows\Minidump
2015-02-25 22:05:52 ----D---- C:\Windows\Logs
2015-02-25 18:50:35 ----D---- C:\Windows\Tasks
2015-02-24 23:09:44 ----D---- C:\Windows\system32\Tasks
2015-02-24 22:27:45 ----D---- C:\Windows\system32\WDI
2015-02-24 04:23:36 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-23 22:33:00 ----D---- C:\Windows\system32\Msdtc
2015-02-23 22:32:54 ----D---- C:\Windows\system32\wbem
2015-02-23 22:32:04 ----D---- C:\Windows\system32\config
2015-02-23 22:31:33 ----D---- C:\Windows\system32\en-US
2015-02-23 22:31:32 ----D---- C:\Windows\system32\zh-HK
2015-02-23 22:31:31 ----D---- C:\Windows\system32\zh-CN
2015-02-23 22:31:31 ----D---- C:\Windows\system32\XPSViewer
2015-02-23 22:31:31 ----D---- C:\Windows\system32\spool
2015-02-23 22:31:31 ----D---- C:\Windows\system32\SMI
2015-02-23 22:31:30 ----D---- C:\Windows\system32\es-ES
2015-02-23 22:31:30 ----D---- C:\Windows\system32\drivers\UMDF
2015-02-23 22:31:29 ----D---- C:\Windows\system32\CodeIntegrity
2015-02-23 22:30:52 ----D---- C:\Windows\registration
2015-02-23 10:18:15 ----RSD---- C:\Windows\assembly
2015-02-23 10:18:15 ----D---- C:\Windows\Microsoft.NET
2015-02-22 08:44:17 ----DC---- C:\Windows\system32\DRVSTORE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2008-06-02 305688]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-05-16 43528]
R0 SCMNdisP;General NDIS Protocol Driver; C:\Windows\system32\DRIVERS\scmndisp.sys [2007-01-19 21728]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-01 691696]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 191928]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2008-08-18 371248]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 135296]
R1 GUBootStartup;GUBootStartup; \??\C:\Windows\System32\drivers\GUBootStartup.sys [2015-02-19 17344]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080829.001\IDSvix86.sys [2008-06-03 261680]
R1 RawDisk3;RawDisk3; \??\C:\Windows\system32\drivers\rawdsk3.sys [2014-08-12 28256]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 123424]
R3 3xHybrid;ASUSTek SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-01-26 2831232]
R3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-11 2324512]
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2012-03-07 11407680]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-07-04 123952]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
S3 bfturboh;BUFFALO TurboUSB for HD Filter; C:\Windows\system32\drivers\bfturboh.sys [2008-02-12 17152]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-08-18 99376]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 39272]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.036\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.036\NAVEX15.SYS []
S3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
S3 RTL8187;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\Windows\system32\DRIVERS\wg111v2.sys [2007-12-26 288768]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\Windows\system32\DRIVERS\snp2sxp.sys []
S3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-19 73088]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S4 SecureLockWare_EncryptFilterDriver;SecureLockWare Encryption Filter driver; C:\Windows\SYSTEM32\DRIVERS\ENCRFIL.SYS []
S4 SecureLockWare_EncryptFilterDriver2;SecureLockWare Encryption Filter driver Ver.2; C:\Windows\SYSTEM32\DRIVERS\SLWFIL.SYS []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-10 124832]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2014-10-01 1349576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-03-06 645440]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-07 2458944]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-03-28 249648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-15 116648]
S2 IntelDHSvcConf;Intel DH Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
S2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-05 47712]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-25 267440]
S3 AlertService;Intel(R) Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2006-09-11 188416]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-04-01 183560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-30 651720]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-02-15 116648]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-17 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ISSM;Intel(R) Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2006-09-11 75264]
S3 M1 Server;Intel(R) Viiv(TM) Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2006-09-01 26624]
S3 MCLServiceATL;Intel(R) Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2006-09-11 167936]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-07 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Remote UI Service;Intel(R) Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2006-09-11 544256]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
-----------------EOF-----------------
Re: Request for a PC check
Hello,
Is this a home PC, or a work/company one?

If you have a question that is not meant for the public, you can e-mail me at marty84(at)forum.viry.cz
You can support our forum at https://platba.viry.cz/payment/
Due to time constraints I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).
Re: Request for a PC check
Good day,
it is not a home computer, just a clunker about 6 years old

Re: Request for a PC check

Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
Re: Request for a PC check
# AdwCleaner v4.112 - Logfile created 22/03/2015 at 08:35:36
# Updated 09/03/2015 by Xplode
# Database : 2015-03-22.1 [Server]
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Username : GLADEE LTD - MAROS
# Running from : C:\Users\GLADEE LTD\Downloads\adwcleaner_4.112.exe
# Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Program Files\Mozilla Firefox\Components\AskSearch.js
File Found : C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
Folder Found : C:\Program Files\DAEMON Tools Toolbar
Folder Found : C:\Program Files\ParetoLogic
Folder Found : C:\Program Files\Registry Helper
Folder Found : C:\Program Files\registry mechanic
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\DriverCure
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
Folder Found : C:\ProgramData\ParetoLogic
Folder Found : C:\ProgramData\PC Drivers HeadQuarters
Folder Found : C:\ProgramData\Registry Helper
Folder Found : C:\Users\GLADEE LTD\AppData\Roaming\BrowserExtensions
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
Key Found : HKCU\Software\AppDataLow\Software\Browser Extensions
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3A787631-66A2-4634-B928-A37E73B58FB6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Registry Helper
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
***** [ Web browsers ] *****
-\\ Internet Explorer v9.0.8112.16609
-\\ Mozilla Firefox v36.0.3 (x86 cs)
-\\ Google Chrome v41.0.2272.101
[C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [4608 bytes] - [22/03/2015 08:35:36]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4667 bytes] ##########
Re: Request for a PC check

Re: Request for a PC check
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 22/03/2015
Cas skenování: 10:55:58
Protokol: log.txt
Správce: Ano
Verze: 2.01.4.1018
Databáze malwaru: v2015.03.22.03
Databáze rootkitu: v2015.02.25.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: GLADEE LTD
Typ skenu: Vlastní sken
Výsledek: Dokonceno
Prohledaných objektu: 567112
Uplynulý cas: 2 hod, 57 min, 51 sek
Pamet: Zapnuto
Po spuštení: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíce registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 2
PUP.Optional.Seznam, C:\Users\GLADEE LTD\Downloads\uTorrent-setup.exe, , [800bf6528208c86e24ac1d2e05fc2fd1],
Trojan.Agent, C:\WINDOWS\system\shell.exe, , [206b5eeabad0a88ea8ff006941c3966a],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Request for a PC check
Move the findings to quarantine. After restarting the PC, repeat the test so that we know whether it comes back. Post the test result and I will choose the next step based on it.
Re: Request for a PC check
Good morning,
I have now run it for the third time. When I ran it 2x it also found a trojan; I deleted it right away.
Here is the log from after the trojan was deleted.
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 22/03/2015
Cas skenování: 20:47:43
Protokol: log1.txt
Správce: Ano
Verze: 2.01.4.1018
Databáze malwaru: v2015.03.22.06
Databáze rootkitu: v2015.02.25.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows Vista Service Pack 2
CPU: x86
Souborový systém: NTFS
Uživatel: GLADEE LTD
Typ skenu: Vlastní sken
Výsledek: Dokonceno
Prohledaných objektu: 567990
Uplynulý cas: 3 hod, 26 min, 12 sek
Pamet: Zapnuto
Po spuštení: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíce registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Request for a PC check

Turn off your antivirus and any other security software you may have.
Right-click ComboFix and then left-click Run as administrator.
Accept the licence terms and let the program work. If it offers to install the Recovery Console, agree.
While the scan is running, do not launch anything and do not click anywhere.
After the scan finishes (the PC may also restart), a log should be created, located at C:\ComboFix.txt
Copy its contents here.

Re: Request for a PC check
ComboFix 15-03-23.01 - GLADEE LTD 23/03/2015 21:15:20.1.2 - x86
Running from: c:\users\GLADEE LTD\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2015-02-23 to 2015-03-23 )))))))))))))))))))))))))))))))
.
.
2015-03-23 21:26 . 2015-03-23 21:26 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-03-23 21:26 . 2015-03-23 21:26 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2015-03-23 21:26 . 2015-03-23 21:26 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-22 10:52 . 2015-03-23 21:07 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2015-03-22 10:52 . 2015-03-22 10:52 -------- d-----w- c:\programdata\Malwarebytes
2015-03-22 08:34 . 2015-03-22 09:07 -------- d-----w- C:\AdwCleaner
2015-03-21 19:35 . 2015-03-21 19:35 -------- d-----w- c:\program files\trend micro
2015-03-21 19:35 . 2015-03-21 19:36 -------- d-----w- C:\rsit
2015-03-21 17:55 . 2015-03-22 02:05 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF09F4CE-5C16-44F3-A778-F9FE7A27E7E8}\offreg.dll
2015-03-21 17:12 . 2015-01-29 09:49 9041640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BF09F4CE-5C16-44F3-A778-F9FE7A27E7E8}\mpengine.dll
2015-02-26 11:49 . 2015-02-26 11:49 -------- d-----w- c:\users\GLADEE LTD\AppData\Local\ESET
2015-02-26 11:18 . 2015-02-26 11:18 -------- d-----w- c:\program files\ESET
2015-02-26 10:11 . 2015-02-26 10:11 -------- d-----w- C:\found.000
2015-02-26 08:21 . 2015-02-26 08:21 -------- d-----w- c:\users\GLADEE LTD\AppData\Roaming\NVIDIA
2015-02-26 00:27 . 2015-02-28 12:20 -------- d-----w- c:\program files\Common Files\DivX Shared
2015-02-24 23:09 . 2015-02-24 23:09 -------- d-----w- c:\users\GLADEE LTD\AppData\Roaming\Hewlett-Packard
2015-02-24 22:42 . 2015-02-24 22:42 -------- d-----w- c:\users\GLADEE LTD\AppData\Roaming\TeamViewer
2015-02-23 21:41 . 2015-02-23 21:41 -------- d-----w- c:\programdata\AOL
2015-02-23 21:41 . 2015-02-23 21:41 -------- d-----w- c:\program files\Common Files\AOL
2015-02-23 21:40 . 2015-02-23 21:40 -------- d-----w- C:\TEMP
2015-02-22 08:44 . 2015-02-22 09:01 -------- d-----w- c:\users\GLADEE LTD\AppData\Roaming\Apple Computer
2015-02-22 08:44 . 2015-02-22 08:44 -------- d-----w- c:\users\GLADEE LTD\AppData\Local\Apple Computer
2015-02-22 08:43 . 2015-02-23 18:49 -------- d-----w- c:\program files\iPod
2015-02-22 08:43 . 2015-02-22 08:44 -------- d-----w- c:\programdata\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-02-22 08:43 . 2015-02-22 08:44 -------- d-----w- c:\program files\iTunes
2015-02-22 08:43 . 2015-02-22 08:43 -------- d-----w- c:\programdata\Apple Computer
2015-02-22 08:41 . 2015-02-22 08:41 -------- d-----w- c:\users\GLADEE LTD\AppData\Local\Apple
2015-02-22 08:41 . 2015-02-22 08:41 -------- d-----w- c:\program files\Apple Software Update
2015-02-22 08:39 . 2015-02-23 22:31 -------- d-----w- c:\users\GLADEE LTD\{971c2098-0666-4441-9658-5bb5a33f1c39}
2015-02-22 08:38 . 2015-02-22 08:38 -------- d-----w- c:\program files\Bonjour
2015-02-22 08:38 . 2015-02-22 08:43 -------- d-----w- c:\program files\Common Files\Apple
2015-02-22 08:38 . 2015-02-22 08:41 -------- d-----w- c:\programdata\Apple
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-25 23:02 . 2015-02-15 18:08 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-25 23:02 . 2015-02-15 18:08 701616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2015-02-24 04:23 . 2009-10-02 22:28 246920 ------w- c:\windows\system32\MpSigStub.exe
2015-02-20 12:16 . 2011-03-28 18:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-02-19 17:55 . 2015-02-19 17:55 17344 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2015-02-17 16:04 . 2015-02-17 16:04 1202848 ----a-w- c:\windows\system32\FM20.DLL
2015-02-17 15:40 . 2015-02-17 15:40 161792 ----a-w- c:\windows\system32\msls31.dll
2015-02-17 15:40 . 2015-02-17 15:40 86528 ----a-w- c:\windows\system32\iesysprep.dll
2015-02-17 15:40 . 2015-02-17 15:40 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-02-17 15:40 . 2015-02-17 15:40 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-02-17 15:40 . 2015-02-17 15:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-02-17 15:40 . 2015-02-17 15:40 74752 ----a-w- c:\windows\system32\iesetup.dll
2015-02-17 15:40 . 2015-02-17 15:40 63488 ----a-w- c:\windows\system32\tdc.ocx
2015-02-17 15:40 . 2015-02-17 15:40 23552 ----a-w- c:\windows\system32\licmgr10.dll
2015-02-17 15:40 . 2015-02-17 15:40 152064 ----a-w- c:\windows\system32\wextract.exe
2015-02-17 15:40 . 2015-02-17 15:40 150528 ----a-w- c:\windows\system32\iexpress.exe
2015-02-17 15:40 . 2015-02-17 15:40 35840 ----a-w- c:\windows\system32\imgutil.dll
2015-02-17 15:40 . 2015-02-17 15:40 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-02-17 15:40 . 2015-02-17 15:40 101888 ----a-w- c:\windows\system32\admparse.dll
2015-02-17 15:38 . 2015-02-17 15:38 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2015-02-17 15:38 . 2015-02-17 15:38 98816 ----a-w- c:\windows\system32\mfps.dll
2015-02-17 15:38 . 2015-02-17 15:38 586240 ----a-w- c:\windows\system32\stobject.dll
2015-02-17 15:38 . 2015-02-17 15:38 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2015-02-17 15:38 . 2015-02-17 15:38 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2015-02-17 15:38 . 2015-02-17 15:38 2873344 ----a-w- c:\windows\system32\mf.dll
2015-02-17 15:38 . 2015-02-17 15:38 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2015-02-17 15:38 . 2015-02-17 15:38 209920 ----a-w- c:\windows\system32\mfplat.dll
2015-02-17 15:38 . 2015-02-17 15:38 478720 ----a-w- c:\windows\system32\dxgi.dll
2015-02-17 15:38 . 2015-02-17 15:38 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2015-02-17 15:38 . 2015-02-17 15:38 847360 ----a-w- c:\windows\system32\OpcServices.dll
2015-02-17 15:38 . 2015-02-17 15:38 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2015-02-17 15:38 . 2015-02-17 15:38 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2015-02-17 15:38 . 2015-02-17 15:38 258048 ----a-w- c:\windows\system32\winspool.drv
2015-02-17 15:38 . 2015-02-17 15:38 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2015-01-23 03:00 . 2015-02-19 09:10 1810944 ----a-w- c:\windows\system32\jscript9.dll
2015-01-15 04:13 . 2015-02-15 21:07 440760 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2015-01-14 01:49 . 2015-02-18 08:29 367104 ----a-w- c:\windows\system32\html.iec
2015-01-14 01:42 . 2015-02-18 08:29 1129472 ----a-w- c:\windows\system32\wininet.dll
2015-01-14 01:42 . 2015-02-18 08:28 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2015-01-14 01:41 . 2015-02-18 08:29 421376 ----a-w- c:\windows\system32\vbscript.dll
2015-01-14 01:41 . 2015-02-18 08:28 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2015-01-14 01:40 . 2015-02-18 08:29 11776 ----a-w- c:\windows\system32\mshta.exe
2015-01-14 01:40 . 2015-02-18 08:29 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2015-01-13 01:39 . 2015-02-15 21:08 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-01-09 00:20 . 2015-02-15 21:10 2063360 ----a-w- c:\windows\system32\win32k.sys
2007-01-06 06:09 . 2007-01-06 06:09 208896 ----a-w- c:\program files\Common Files\VistaRunApp.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"GUDelayStartup"="c:\program files\Glary Utilities 5\StartupManager.exe" [2015-02-12 37152]
"uTorrent"="c:\users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe" [2015-02-25 1740880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2008-06-02 178712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-10 67488]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2014-10-01 5088456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"= "c:\windows\system32\Wshxt.dll" [2009-03-05 53248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [2007-01-26 2831232]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-21 17:06 1061704 ----a-w- c:\program files\Google\Chrome\Application\41.0.2272.101\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-15 23:02]
.
2015-03-23 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files\Glary Utilities 5\Initialize.exe [2015-02-12 08:03]
.
2015-03-02 c:\windows\Tasks\GlaryOneClickOptimizer 5.job
- c:\program files\Glary Utilities 5\OneClickMaintenance.exe [2015-02-12 08:04]
.
2015-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-02-15 18:48]
.
2015-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2015-02-15 18:48]
.
2015-03-23 c:\windows\Tasks\User_Feed_Synchronization-{45EB8DA7-6D98-4184-8613-F6D3DEC996BA}.job
- c:\windows\system32\msfeedssync.exe [2015-02-18 01:40]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=73&bd=Pavilion&pf=desktop
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\GLADEE LTD\AppData\Roaming\Mozilla\Firefox\Profiles\voavuaed.default-1425142728049\
.
.
------- File Associations -------
.
.scr=Photomania
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2015-03-23 21:26
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2015-03-23 21:30:07
ComboFix-quarantined-files.txt 2015-03-23 21:30
.
Pre-Run: 76,026,044,416 bytes free
Post-Run: 76,350,484,480 bytes free
.
- - End Of File - - FDD9D7318E21DDF12C23B7641CD05EEE
8913823FF508CCF109DB74B636C301DA
Re: Request for a PC check

Run it as administrator. The result will appear in a moment.
At the top, click Edit (Úpravy) and then Copy (Kopírovat). Paste here (Ctrl + V) what gets copied (it is stored in the clipboard).


Re: Request for a PC check
Good evening,
I apologize for the late reply, but I am having some trouble with the internet. Since I installed ComboFix, I cannot connect to the internet. I use a TP-LINK AV500. Until now everything worked and I don't know what happened. At the moment I am connected through a Netgear Wi-Fi adapter, but the signal is poor. I don't know what to do about it?
Re: Request for a PC check
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows Vista Home Premium Edition SP2 [6.0 Build 6002] (x86)
Date : 2015/03/27 21:07:50
-- Controller Map ----------------------------------------------------------
+ Intel(R) 82801GR/GH SATA AHCI Controller [ATA]
- ST3250820AS
- TSSTcorp CD/DVDW TS-H653L
- Microsoft iSCSI Initiator [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST3250820AS : 250.0 GB [0/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST3250820AS
----------------------------------------------------------------------------
Model : ST3250820AS
Firmware : 3.AHG
Serial Number : 5QE3HYET
Disk Size : 250.0 GB (8.4/137.4/250.0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Unknown
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 3587 hours
Power On Count : 1740 count
Temparature : 54 C (129 F)
Health Status : Caution
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 253 __6 000000000000 Read Error Rate
03 _95 _95 __0 000000000000 Spin-Up Time
04 _99 _99 _20 000000000712 Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _84 _60 _30 0000103C85FA Seek Error Rate
09 _96 _96 __0 000000000E03 Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C _99 _99 _20 0000000006CC Power Cycle Count
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BD 100 100 __0 000000000000 High Fly Writes
BE _46 _39 _45 000036260036 Airflow Temperature
C2 _54 _61 __0 000C00000036 Temperature
C3 _66 _54 __0 0000093EF704 Hardware ECC recovered
C5 100 100 __0 000000000001 Current Pending Sector Count
C6 100 100 __0 000000000001 Uncorrectable Sector Count
C7 200 200 __0 000000000015 UltraDMA CRC Error Count
C8 100 253 __0 000000000000 Write Error Rate
CA 100 253 __0 000000000000 Data Address Mark Error
Re: Request for a PC check
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by GLADEE LTD (administrator) on MAROS on 27-03-2015 21:10:56
Running from C:\Users\GLADEE LTD\Downloads
Loaded Profiles: GLADEE LTD & UpdatusUser (Available profiles: IUSR_NMPR & GLADEE LTD & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Realtek Semiconductor) C:\WINDOWS\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehsched.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\WINDOWS\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
() C:\Program Files\WinRAR\WinRAR.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(Crystal Dew World) C:\Users\GLADEE LTD\AppData\Local\Temp\Rar$EX01.255\DiskInfo.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2006-09-28] (Hewlett-Packard Company)
HKLM\...\Run: [OsdMaestro] => C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784 2007-02-15] (OsdMaestro)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2008-06-02] (Intel Corporation)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [38768 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2009-02-27] (Adobe Systems Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [Adobe Photo Downloader] => C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-10] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [44168 2007-03-07] (soft thinks)
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-02-12] (Glarysoft Ltd)
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\...\Run: [uTorrent] => C:\Users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe [1740880 2015-02-25] (BitTorrent Inc.)
BootExecute: autocheck autochk /p \??\C:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-4160401380-2986599317-1667886896-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKU\S-1-5-21-4160401380-2986599317-1667886896-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
SearchScopes: HKLM -> {F0E6EFA4-B10C-4FFE-B24F-9B9653517578} URL = http://uk.search.yahoo.com/search?p={se ... fr=cb-hp06
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4160401380-2986599317-1667886896-1002 -> {2E78AF1D-0C5B-4CAE-82D4-AC2A8A8FA7FD} URL = http://www.bing.com/search?FORM=WLETDF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-4160401380-2986599317-1667886896-1002 -> {5593A44C-183C-4F8E-9A3A-59A228FFE07A} URL = https://uk.search.yahoo.com/search?fr=c ... earchTerms}
SearchScopes: HKU\S-1-5-21-4160401380-2986599317-1667886896-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: No Name -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: No Name -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> No File
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09] (Sun Microsystems, Inc.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll [2008-11-28] ()
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-4160401380-2986599317-1667886896-1002 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} https://www.windowsvistatestdrive.com/m ... lient1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
ShellExecuteHooks: - {DAE0285D-0788-4E87-985E-01DF2EDE4ACD} - C:\WINDOWS\System32\wshxt.dll [53248 2009-03-05] ()
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\GLADEE LTD\AppData\Roaming\Mozilla\Firefox\Profiles\voavuaed.default-1425142728049
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-15] ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll [2008-10-05] (BitTorrent, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll No File
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2007-06-01] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2008-01-23] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npbittorrent.dll [2008-01-08] (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2010-03-09] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008-12-11] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-01-08] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-02-27] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-25]
Chrome:
=======
CHR HomePage: Default -> https://uk.search.yahoo.com/?type=523482&fr=yo-yhp-ch
CHR StartupUrls: Default -> "https://uk.search.yahoo.com/?type=523482&fr=yo-yhp-ch", "hxxp://www.google.com"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-15]
CHR Extension: (YouTube) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-15]
CHR Extension: (Google Sheets) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Google Wallet) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15]
CHR Extension: (Gmail) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-15]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()
S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation) [File not signed]
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-03-30] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation) [File not signed]
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation) [File not signed]
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] () [File not signed]
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation) [File not signed]
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation) [File not signed]
S2 SymAppCore; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [47712 2007-01-05] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [2831232 2007-01-26] (ASUSTeK Computer Inc.)
S3 bfturboh; C:\Windows\System32\drivers\bfturboh.sys [17152 2008-02-12] (BUFFALO INC.) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2008-08-18] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2014-10-10] (ESET)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [99376 2008-08-18] (Symantec Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17344 2015-02-19] (Glarysoft Ltd)
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20080829.001\IDSvix86.sys [261680 2008-06-03] (Symantec Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [28256 2014-08-12] (EldoS Corporation)
R3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [288768 2007-12-26] (NETGEAR Inc.)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows (R) Codename Longhorn DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-01-01] () [File not signed]
S3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [279088 2007-11-30] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2007-11-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2007-11-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [123952 2008-07-04] (Symantec Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\GLADEE~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.036\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.036\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 SecureLockWare_EncryptFilterDriver; \SystemRoot\SYSTEM32\DRIVERS\ENCRFIL.SYS [X]
S4 SecureLockWare_EncryptFilterDriver2; \SystemRoot\SYSTEM32\DRIVERS\SLWFIL.SYS [X]
S3 SNP2STD; system32\DRIVERS\snp2sxp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 21:10 - 2015-03-27 21:12 - 00021285 _____ () C:\Users\GLADEE LTD\Downloads\FRST.txt
2015-03-27 21:10 - 2015-03-27 21:11 - 00000000 ____D () C:\FRST
2015-03-27 21:09 - 2015-03-27 21:09 - 01135104 _____ (Farbar) C:\Users\GLADEE LTD\Downloads\FRST.exe
2015-03-27 21:01 - 2015-03-27 21:05 - 01496172 _____ () C:\Users\GLADEE LTD\Downloads\CrystalDiskInfo5_0_0.zip
2015-03-27 19:05 - 2015-03-27 19:05 - 00012236 _____ () C:\ComboFix.txt
2015-03-27 18:46 - 2015-03-27 18:45 - 00000459 _____ () C:\Users\GLADEE LTD\Desktop\ComboFix.lnk
2015-03-27 18:37 - 2015-03-27 18:41 - 00003039 _____ () C:\Users\GLADEE LTD\Desktop\PowerLine Utility.lnk
2015-03-27 18:37 - 2015-03-27 18:37 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-03-27 18:37 - 2015-03-27 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-03-27 18:37 - 2015-03-27 18:37 - 00000000 ____D () C:\Program Files\WinPcap
2015-03-27 18:37 - 2015-03-27 18:37 - 00000000 ____D () C:\Program Files\TP-LINK
2015-03-25 08:29 - 2015-03-27 20:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-23 21:12 - 2011-06-26 06:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-23 21:12 - 2010-11-07 17:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-23 21:12 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-23 21:11 - 2015-03-27 19:05 - 00000000 ____D () C:\Qoobox
2015-03-23 21:10 - 2015-03-23 21:28 - 00000000 ____D () C:\Windows\erdnt
2015-03-22 17:06 - 2015-03-22 17:06 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\{0D578B1B-AF78-467E-B73F-37C9CD360A8A}
2015-03-22 10:52 - 2015-03-23 21:07 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-22 10:52 - 2015-03-22 10:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-22 10:51 - 2015-03-22 10:51 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\GLADEE LTD\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-22 08:34 - 2015-03-22 09:07 - 00000000 ____D () C:\AdwCleaner
2015-03-22 08:34 - 2015-03-22 08:34 - 02171392 _____ () C:\Users\GLADEE LTD\Downloads\adwcleaner_4.112.exe
2015-03-22 07:59 - 2015-03-22 08:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-21 19:35 - 2015-03-21 19:36 - 00000000 ____D () C:\rsit
2015-03-21 19:35 - 2015-03-21 19:35 - 00000000 ____D () C:\Program Files\trend micro
2015-03-21 19:34 - 2015-03-21 19:34 - 01107968 _____ () C:\Users\GLADEE LTD\Downloads\RSIT.exe
2015-03-21 19:33 - 2015-03-21 19:33 - 00112107 _____ (forum.viry.cz) C:\Users\GLADEE LTD\Downloads\VerzeOS.exe
2015-03-21 17:03 - 2015-03-21 17:04 - 108800816 _____ (Apple Inc.) C:\Users\GLADEE LTD\Downloads\iTunesSetup.exe
2015-03-06 08:36 - 2015-03-06 08:37 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\{AF29C6BD-76CF-4654-9468-F1D20419A7CB}
2015-03-06 08:36 - 2015-03-06 08:36 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\{B6B6DFF6-F1FA-4AD5-849B-65C6FEECD395}
2015-03-03 19:32 - 2015-03-27 19:17 - 00003448 _____ () C:\Windows\PFRO.log
2015-02-28 16:55 - 2015-02-28 16:58 - 00000000 ____D () C:\Users\GLADEE LTD\Desktop\Původní data aplikace Firefox
2015-02-26 11:49 - 2015-02-26 11:49 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\ESET
2015-02-26 11:18 - 2015-02-26 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-02-26 11:18 - 2015-02-26 11:18 - 00000000 ____D () C:\Program Files\ESET
2015-02-26 10:11 - 2015-02-26 10:11 - 00000000 ____D () C:\found.000
2015-02-26 09:59 - 2015-02-26 09:59 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\WinRAR
2015-02-26 09:59 - 2015-02-26 09:59 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-26 08:21 - 2015-02-26 08:21 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\NVIDIA
2015-02-26 00:27 - 2015-02-28 12:20 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2015-02-25 20:11 - 2015-02-25 20:11 - 00000801 _____ () C:\Users\GLADEE LTD\Desktop\µTorrent.lnk
2015-02-25 20:11 - 2015-02-25 20:11 - 00000781 _____ () C:\Users\GLADEE LTD\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 21:10 - 2008-09-28 16:45 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{45EB8DA7-6D98-4184-8613-F6D3DEC996BA}.job
2015-03-27 21:07 - 2015-02-15 18:48 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 21:05 - 2015-02-15 19:05 - 02027443 _____ () C:\Windows\WindowsUpdate.log
2015-03-27 21:02 - 2015-02-15 18:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-27 20:40 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\tracing
2015-03-27 20:25 - 2006-11-02 12:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-27 20:24 - 2015-02-19 17:55 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-03-27 20:24 - 2015-02-17 12:15 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\uTorrent
2015-03-27 20:23 - 2015-02-15 18:48 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 20:23 - 2007-06-01 04:13 - 00000000 ____D () C:\Windows\SMINST
2015-03-27 20:23 - 2006-11-02 13:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 20:23 - 2006-11-02 12:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-27 20:23 - 2006-11-02 12:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-27 20:21 - 2006-11-02 13:01 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-27 20:16 - 2006-11-02 10:33 - 00712556 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 19:01 - 2006-11-02 10:23 - 00000215 _____ () C:\Windows\system.ini
2015-03-27 17:48 - 2015-02-17 14:52 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\vlc
2015-03-27 17:27 - 2015-02-17 14:43 - 00105472 _____ () C:\Users\GLADEE LTD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-24 19:25 - 2015-02-19 17:55 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2015-03-23 21:30 - 2006-11-02 11:18 - 00000000 __RHD () C:\Users\Default
2015-03-23 21:30 - 2006-11-02 11:18 - 00000000 ___RD () C:\Users\Public
2015-03-23 08:28 - 2006-11-02 12:47 - 01753704 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-22 17:12 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\Web
2015-03-22 17:09 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\system
2015-03-22 10:09 - 2015-02-20 15:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-21 18:47 - 2015-02-15 18:54 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-10 22:18 - 2007-06-01 03:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-10 22:11 - 2015-02-15 21:17 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-10 22:00 - 2006-11-02 10:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-06 08:36 - 2015-02-20 11:53 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\Windows Live
2015-03-02 17:07 - 2015-02-19 17:56 - 00000410 _____ () C:\Windows\Tasks\GlaryOneClickOptimizer 5.job
2015-02-28 13:15 - 2015-02-15 18:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-28 12:21 - 2009-02-16 22:14 - 00000000 ____D () C:\Program Files\DivX
2015-02-28 12:20 - 2015-02-17 14:31 - 00000000 ____D () C:\ProgramData\DivX
2015-02-28 12:19 - 2009-02-16 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-02-27 20:29 - 2015-02-15 20:18 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\Dropbox
2015-02-26 11:20 - 2015-02-15 16:11 - 00000000 ____D () C:\Users\GLADEE LTD
2015-02-26 10:39 - 2015-02-15 19:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-26 08:21 - 2015-02-17 14:32 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\DivX
2015-02-25 23:02 - 2015-02-15 18:08 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-25 23:02 - 2015-02-15 18:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-25 22:05 - 2008-07-24 11:48 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2007-01-06 06:09 - 2007-01-06 06:09 - 0208896 _____ () C:\Program Files\Common Files\VistaRunApp.exe
2015-02-17 14:43 - 2015-03-27 17:27 - 0105472 _____ () C:\Users\GLADEE LTD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-03-30 19:07 - 2009-03-30 19:07 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2007-06-01 03:45 - 2007-06-01 03:46 - 0000311 _____ () C:\ProgramData\hpzinstall.log
2008-11-30 15:54 - 2008-11-30 15:54 - 0005062 _____ () C:\ProgramData\nyaaqbsr.rmh
2008-11-30 15:48 - 2008-11-30 15:48 - 0005018 _____ () C:\ProgramData\xqkcebzs.dik
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-27 20:28
==================== End Of Log ============================
Ran by GLADEE LTD (administrator) on MAROS on 27-03-2015 21:10:56
Running from C:\Users\GLADEE LTD\Downloads
Loaded Profiles: GLADEE LTD & UpdatusUser (Available profiles: IUSR_NMPR & GLADEE LTD & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Glarysoft Ltd) C:\Program Files\Glary Utilities 5\Integrator.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Realtek Semiconductor) C:\WINDOWS\RtHDVCpl.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehsched.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\WINDOWS\System32\mobsync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
() C:\Program Files\WinRAR\WinRAR.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(Crystal Dew World) C:\Users\GLADEE LTD\AppData\Local\Temp\Rar$EX01.255\DiskInfo.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2006-09-28] (Hewlett-Packard Company)
HKLM\...\Run: [OsdMaestro] => C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784 2007-02-15] (OsdMaestro)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2008-06-02] (Intel Corporation)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [38768 2009-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2009-02-27] (Adobe Systems Inc.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [Adobe Photo Downloader] => C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [67488 2007-09-10] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2014-10-01] (ESET)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [44168 2007-03-07] (soft thinks)
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\...\Run: [GUDelayStartup] => C:\Program Files\Glary Utilities 5\StartupManager.exe [37152 2015-02-12] (Glarysoft Ltd)
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\...\Run: [uTorrent] => C:\Users\GLADEE LTD\AppData\Roaming\uTorrent\uTorrent.exe [1740880 2015-02-25] (BitTorrent Inc.)
BootExecute: autocheck autochk /p \??\C:autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKU\S-1-5-21-4160401380-2986599317-1667886896-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-4160401380-2986599317-1667886896-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
HKU\S-1-5-21-4160401380-2986599317-1667886896-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
SearchScopes: HKLM -> {F0E6EFA4-B10C-4FFE-B24F-9B9653517578} URL = http://uk.search.yahoo.com/search?p={se ... fr=cb-hp06
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4160401380-2986599317-1667886896-1002 -> {2E78AF1D-0C5B-4CAE-82D4-AC2A8A8FA7FD} URL = http://www.bing.com/search?FORM=WLETDF& ... -SearchBox
SearchScopes: HKU\S-1-5-21-4160401380-2986599317-1667886896-1002 -> {5593A44C-183C-4F8E-9A3A-59A228FFE07A} URL = https://uk.search.yahoo.com/search?fr=c ... earchTerms}
SearchScopes: HKU\S-1-5-21-4160401380-2986599317-1667886896-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: No Name -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-03] (Google Inc.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: No Name -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> No File
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09] (Sun Microsystems, Inc.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
Toolbar: HKLM - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll [2008-11-28] ()
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-4160401380-2986599317-1667886896-1002 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27] (Adobe Systems Incorporated)
DPF: {4EFA317A-8569-4788-B175-5BAF9731A549} https://www.windowsvistatestdrive.com/m ... lient1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
ShellExecuteHooks: - {DAE0285D-0788-4E87-985E-01DF2EDE4ACD} - C:\WINDOWS\System32\wshxt.dll [53248 2009-03-05] ()
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\GLADEE LTD\AppData\Roaming\Mozilla\Firefox\Profiles\voavuaed.default-1425142728049
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-15] ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll [2008-10-05] (BitTorrent, Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll No File
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2007-06-01] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-15] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2008-01-23] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npbittorrent.dll [2008-01-08] (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll [2010-03-09] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2008-12-11] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-01-08] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2009-02-27] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-25]
Chrome:
=======
CHR HomePage: Default -> https://uk.search.yahoo.com/?type=523482&fr=yo-yhp-ch
CHR StartupUrls: Default -> "https://uk.search.yahoo.com/?type=523482&fr=yo-yhp-ch", "hxxp://www.google.com"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-15]
CHR Extension: (YouTube) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-15]
CHR Extension: (Google Sheets) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Google Wallet) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15]
CHR Extension: (Gmail) - C:\Users\GLADEE LTD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-15]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()
S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation) [File not signed]
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2014-10-01] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-03-30] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation) [File not signed]
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation) [File not signed]
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] () [File not signed]
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation) [File not signed]
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation) [File not signed]
S2 SymAppCore; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [47712 2007-01-05] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [2831232 2007-01-26] (ASUSTeK Computer Inc.)
S3 bfturboh; C:\Windows\System32\drivers\bfturboh.sys [17152 2008-02-12] (BUFFALO INC.) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [371248 2008-08-18] (Symantec Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2014-10-10] (ESET)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [99376 2008-08-18] (Symantec Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [17344 2015-02-19] (Glarysoft Ltd)
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\idsdefs\20080829.001\IDSvix86.sys [261680 2008-06-03] (Symantec Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [28256 2014-08-12] (EldoS Corporation)
R3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [288768 2007-12-26] (NETGEAR Inc.)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows (R) Codename Longhorn DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-01-01] () [File not signed]
S3 SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [279088 2007-11-30] (Symantec Corporation)
S3 SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [317616 2007-11-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [43696 2007-11-30] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [123952 2008-07-04] (Symantec Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\GLADEE~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.036\NAVENG.SYS [X]
S3 NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20080830.036\NAVEX15.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S4 SecureLockWare_EncryptFilterDriver; \SystemRoot\SYSTEM32\DRIVERS\ENCRFIL.SYS [X]
S4 SecureLockWare_EncryptFilterDriver2; \SystemRoot\SYSTEM32\DRIVERS\SLWFIL.SYS [X]
S3 SNP2STD; system32\DRIVERS\snp2sxp.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 21:10 - 2015-03-27 21:12 - 00021285 _____ () C:\Users\GLADEE LTD\Downloads\FRST.txt
2015-03-27 21:10 - 2015-03-27 21:11 - 00000000 ____D () C:\FRST
2015-03-27 21:09 - 2015-03-27 21:09 - 01135104 _____ (Farbar) C:\Users\GLADEE LTD\Downloads\FRST.exe
2015-03-27 21:01 - 2015-03-27 21:05 - 01496172 _____ () C:\Users\GLADEE LTD\Downloads\CrystalDiskInfo5_0_0.zip
2015-03-27 19:05 - 2015-03-27 19:05 - 00012236 _____ () C:\ComboFix.txt
2015-03-27 18:46 - 2015-03-27 18:45 - 00000459 _____ () C:\Users\GLADEE LTD\Desktop\ComboFix.lnk
2015-03-27 18:37 - 2015-03-27 18:41 - 00003039 _____ () C:\Users\GLADEE LTD\Desktop\PowerLine Utility.lnk
2015-03-27 18:37 - 2015-03-27 18:37 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-03-27 18:37 - 2015-03-27 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-03-27 18:37 - 2015-03-27 18:37 - 00000000 ____D () C:\Program Files\WinPcap
2015-03-27 18:37 - 2015-03-27 18:37 - 00000000 ____D () C:\Program Files\TP-LINK
2015-03-25 08:29 - 2015-03-27 20:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-23 21:12 - 2011-06-26 06:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-23 21:12 - 2010-11-07 17:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-23 21:12 - 2009-04-20 04:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-23 21:12 - 2000-08-31 00:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-23 21:11 - 2015-03-27 19:05 - 00000000 ____D () C:\Qoobox
2015-03-23 21:10 - 2015-03-23 21:28 - 00000000 ____D () C:\Windows\erdnt
2015-03-22 17:06 - 2015-03-22 17:06 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\{0D578B1B-AF78-467E-B73F-37C9CD360A8A}
2015-03-22 10:52 - 2015-03-23 21:07 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-22 10:52 - 2015-03-22 10:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-22 10:51 - 2015-03-22 10:51 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\GLADEE LTD\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-22 08:34 - 2015-03-22 09:07 - 00000000 ____D () C:\AdwCleaner
2015-03-22 08:34 - 2015-03-22 08:34 - 02171392 _____ () C:\Users\GLADEE LTD\Downloads\adwcleaner_4.112.exe
2015-03-22 07:59 - 2015-03-22 08:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-21 19:35 - 2015-03-21 19:36 - 00000000 ____D () C:\rsit
2015-03-21 19:35 - 2015-03-21 19:35 - 00000000 ____D () C:\Program Files\trend micro
2015-03-21 19:34 - 2015-03-21 19:34 - 01107968 _____ () C:\Users\GLADEE LTD\Downloads\RSIT.exe
2015-03-21 19:33 - 2015-03-21 19:33 - 00112107 _____ (forum.viry.cz) C:\Users\GLADEE LTD\Downloads\VerzeOS.exe
2015-03-21 17:03 - 2015-03-21 17:04 - 108800816 _____ (Apple Inc.) C:\Users\GLADEE LTD\Downloads\iTunesSetup.exe
2015-03-06 08:36 - 2015-03-06 08:37 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\{AF29C6BD-76CF-4654-9468-F1D20419A7CB}
2015-03-06 08:36 - 2015-03-06 08:36 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\{B6B6DFF6-F1FA-4AD5-849B-65C6FEECD395}
2015-03-03 19:32 - 2015-03-27 19:17 - 00003448 _____ () C:\Windows\PFRO.log
2015-02-28 16:55 - 2015-02-28 16:58 - 00000000 ____D () C:\Users\GLADEE LTD\Desktop\Původní data aplikace Firefox
2015-02-26 11:49 - 2015-02-26 11:49 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\ESET
2015-02-26 11:18 - 2015-02-26 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-02-26 11:18 - 2015-02-26 11:18 - 00000000 ____D () C:\Program Files\ESET
2015-02-26 10:11 - 2015-02-26 10:11 - 00000000 ____D () C:\found.000
2015-02-26 09:59 - 2015-02-26 09:59 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\WinRAR
2015-02-26 09:59 - 2015-02-26 09:59 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-02-26 08:21 - 2015-02-26 08:21 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\NVIDIA
2015-02-26 00:27 - 2015-02-28 12:20 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2015-02-25 20:11 - 2015-02-25 20:11 - 00000801 _____ () C:\Users\GLADEE LTD\Desktop\µTorrent.lnk
2015-02-25 20:11 - 2015-02-25 20:11 - 00000781 _____ () C:\Users\GLADEE LTD\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-27 21:10 - 2008-09-28 16:45 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{45EB8DA7-6D98-4184-8613-F6D3DEC996BA}.job
2015-03-27 21:07 - 2015-02-15 18:48 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 21:05 - 2015-02-15 19:05 - 02027443 _____ () C:\Windows\WindowsUpdate.log
2015-03-27 21:02 - 2015-02-15 18:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-27 20:40 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\tracing
2015-03-27 20:25 - 2006-11-02 12:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-03-27 20:24 - 2015-02-19 17:55 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-03-27 20:24 - 2015-02-17 12:15 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\uTorrent
2015-03-27 20:23 - 2015-02-15 18:48 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 20:23 - 2007-06-01 04:13 - 00000000 ____D () C:\Windows\SMINST
2015-03-27 20:23 - 2006-11-02 13:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-27 20:23 - 2006-11-02 12:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-27 20:23 - 2006-11-02 12:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-27 20:21 - 2006-11-02 13:01 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-03-27 20:16 - 2006-11-02 10:33 - 00712556 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-27 19:01 - 2006-11-02 10:23 - 00000215 _____ () C:\Windows\system.ini
2015-03-27 17:48 - 2015-02-17 14:52 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\vlc
2015-03-27 17:27 - 2015-02-17 14:43 - 00105472 _____ () C:\Users\GLADEE LTD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-24 19:25 - 2015-02-19 17:55 - 00000000 ____D () C:\Program Files\Glary Utilities 5
2015-03-23 21:30 - 2006-11-02 11:18 - 00000000 __RHD () C:\Users\Default
2015-03-23 21:30 - 2006-11-02 11:18 - 00000000 ___RD () C:\Users\Public
2015-03-23 08:28 - 2006-11-02 12:47 - 01753704 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-22 17:12 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\Web
2015-03-22 17:09 - 2006-11-02 11:18 - 00000000 ____D () C:\Windows\system
2015-03-22 10:09 - 2015-02-20 15:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-21 18:47 - 2015-02-15 18:54 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-10 22:18 - 2007-06-01 03:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-10 22:11 - 2015-02-15 21:17 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-10 22:00 - 2006-11-02 10:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-03-06 08:36 - 2015-02-20 11:53 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Local\Windows Live
2015-03-02 17:07 - 2015-02-19 17:56 - 00000410 _____ () C:\Windows\Tasks\GlaryOneClickOptimizer 5.job
2015-02-28 13:15 - 2015-02-15 18:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-28 12:21 - 2009-02-16 22:14 - 00000000 ____D () C:\Program Files\DivX
2015-02-28 12:20 - 2015-02-17 14:31 - 00000000 ____D () C:\ProgramData\DivX
2015-02-28 12:19 - 2009-02-16 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-02-27 20:29 - 2015-02-15 20:18 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\Dropbox
2015-02-26 11:20 - 2015-02-15 16:11 - 00000000 ____D () C:\Users\GLADEE LTD
2015-02-26 10:39 - 2015-02-15 19:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-02-26 08:21 - 2015-02-17 14:32 - 00000000 ____D () C:\Users\GLADEE LTD\AppData\Roaming\DivX
2015-02-25 23:02 - 2015-02-15 18:08 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-02-25 23:02 - 2015-02-15 18:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-02-25 22:05 - 2008-07-24 11:48 - 00000000 ____D () C:\Windows\Minidump
==================== Files in the root of some directories =======
2007-01-06 06:09 - 2007-01-06 06:09 - 0208896 _____ () C:\Program Files\Common Files\VistaRunApp.exe
2015-02-17 14:43 - 2015-03-27 17:27 - 0105472 _____ () C:\Users\GLADEE LTD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-03-30 19:07 - 2009-03-30 19:07 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2007-06-01 03:45 - 2007-06-01 03:46 - 0000311 _____ () C:\ProgramData\hpzinstall.log
2008-11-30 15:54 - 2008-11-30 15:54 - 0005062 _____ () C:\ProgramData\nyaaqbsr.rmh
2008-11-30 15:48 - 2008-11-30 15:48 - 0005018 _____ () C:\ProgramData\xqkcebzs.dik
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-27 20:28
==================== End Of Log ============================
- Attachments
- Addition.rar (20 bytes), downloaded 60 times