
Please check my log

Karlik45
Level 5 - BAN
Posts: 38
Registered: 28 Oct 2013 11:12

Please check my log

#1 Post by Karlik45 »

Hi, please check my log; the PC is behaving strangely. I have a legal copy of Windows, but it seems to me as if it has been riddled with viruses to bits.

Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2013-10-25 21:30:48
Microsoft Windows 7 Ultimate
System drive C: has 10 GB (20%) free of 50 GB
Total RAM: 2048 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:30:55, on 25.10.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\PC\AppData\Local\winlogon.exe
C:\Users\PC\AppData\Local\services.exe
C:\Users\PC\AppData\Local\lsass.exe
C:\Windows\explorer.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP ... 4&tsp=4953
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=Explorer.exe "C:\Windows\KesenjanganSosial.exe"
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\Windows\ShellNew\RakyatKelaparan.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RGSC] D:\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Tok-Cirrhatus-1167] "C:\Users\PC\AppData\Local\br3357on.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3438367943-3009045665-384546852-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3438367943-3009045665-384546852-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: AutorunsDisabled
O4 - Startup: Empty.pif = ?
O4 - Startup: Startup.exe
O4 - Global Startup: Startup.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Trend Micro DirectPass Central Control Service (PwmSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

--
End of file - 7674 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{8197dd50-b252-4b08-a1be-1277f22357bb}"=C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npwachk.dll

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\extensions\
ffxtlbr@delta.com

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\searchplugins\
babylon.xml
searchplugins.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896]
"Bron-Spizaetus"=C:\Windows\ShellNew\RakyatKelaparan.exe [2013-05-22 45417]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-12-22 969104]
"RGSC"=D:\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Tok-Cirrhatus-1167"=C:\Users\PC\AppData\Local\br3357on.exe [2013-05-22 45417]
"Tok-Cirrhatus"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-05-04 955792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-05-04 21392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PwmConsole.exe]
C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2013-09-11 1168408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-12-13 11487848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-12-22 969104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk]
C:\Program Files\BinarySense\HDDlife 4\HDDlifePro.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Startup.exe

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Empty.pif
Startup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-25 21:30:48 ----D---- C:\rsit
2013-10-25 12:43:43 ----HD---- C:\Windows\PIF
2013-10-21 13:32:20 ----D---- C:\Fifa 14 UE
2013-10-08 19:36:06 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2013-10-04 13:40:11 ----D---- C:\Program Files\MegaDev
2013-10-03 17:19:34 ----D---- C:\Program Files\AGEIA Technologies
2013-10-03 17:15:49 ----A---- C:\Windows\system32\nvopencl.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\nvoglv32.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\NvIFR.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\NvFBC.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\nvdispgenco3232723.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\nvdispco3232723.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-03 17:15:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-03 17:15:47 ----A---- C:\Windows\system32\nvcompiler.dll
2013-10-03 17:11:05 ----A---- C:\Windows\system32\nvaudcap32v.dll
2013-10-03 17:11:05 ----A---- C:\Windows\system32\drivers\nvvad32v.sys
2013-10-02 15:27:01 ----D---- C:\Users\PC\AppData\Roaming\LolClient
2013-10-02 12:55:00 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-10-02 12:55:00 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-10-02 12:54:58 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-10-02 12:54:47 ----SHD---- C:\Windows\system32\AI_RecycleBin
2013-10-02 12:54:08 ----D---- C:\ProgramData\PMB Files
2013-10-02 12:54:05 ----D---- C:\Program Files\Pando Networks
2013-10-02 12:53:24 ----D---- C:\Users\PC\AppData\Roaming\Riot Games
2013-09-30 20:44:13 ----SHD---- C:\ProgramData\DSS
2013-09-30 20:44:12 ----D---- C:\ProgramData\Codemasters
2013-09-30 20:42:05 ----A---- C:\Windows\system32\rapture3d_oal.dll
2013-09-30 20:42:05 ----A---- C:\Windows\system32\mkl_blueripple.dll
2013-09-30 20:42:04 ----D---- C:\Program Files\BRS
2013-09-30 20:42:03 ----RA---- C:\Windows\system32\tmpD32E.tmp
2013-09-30 20:42:03 ----D---- C:\Program Files\OpenAL
2013-09-30 20:42:03 ----A---- C:\Windows\system32\wrap_oal.dll
2013-09-30 20:42:03 ----A---- C:\Windows\system32\OpenAL32.dll
2013-09-29 18:29:39 ----D---- C:\Program Files\Microsoft Silverlight

======List of files/folders modified in the last 1 month======

2013-10-25 21:30:55 ----D---- C:\Program Files\Trend Micro
2013-10-25 21:30:49 ----D---- C:\Windows\Temp
2013-10-25 21:29:48 ----D---- C:\Windows\system32\drivers\etc
2013-10-25 21:29:46 ----D---- C:\Windows\System32
2013-10-25 21:29:46 ----D---- C:\Windows\inf
2013-10-25 21:29:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-25 21:29:32 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2013-10-25 21:25:05 ----D---- C:\ProgramData\NVIDIA
2013-10-25 20:46:14 ----D---- C:\Program Files\Origin
2013-10-25 17:36:41 ----D---- C:\Program Files\The KMPlayer
2013-10-25 13:15:32 ----SHD---- C:\System Volume Information
2013-10-25 12:43:43 ----D---- C:\Windows
2013-10-25 11:28:17 ----D---- C:\Windows\system32\config
2013-10-21 21:10:26 ----D---- C:\Windows\Prefetch
2013-10-21 14:14:26 ----D---- C:\Program Files
2013-10-20 14:52:59 ----D---- C:\Windows\Tasks
2013-10-20 14:52:59 ----D---- C:\Windows\system32\Tasks
2013-10-20 14:52:44 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-15 18:06:02 ----SHD---- C:\Windows\Installer
2013-10-12 16:30:03 ----D---- C:\Users\PC\AppData\Roaming\WinRAR
2013-10-12 16:30:03 ----D---- C:\Users\PC\AppData\Roaming\Winamp
2013-10-12 16:30:03 ----D---- C:\Users\PC\AppData\Roaming\TS3Client
2013-10-12 16:30:02 ----D---- C:\Users\PC\AppData\Roaming\Skype
2013-10-12 16:29:59 ----D---- C:\Users\PC\AppData\Roaming\Origin
2013-10-12 16:29:44 ----D---- C:\Users\PC\AppData\Roaming\ICQ
2013-10-12 16:29:43 ----D---- C:\Users\PC\AppData\Roaming\DVDVideoSoft
2013-10-12 16:29:43 ----D---- C:\Users\PC\AppData\Roaming\Delta
2013-10-12 16:29:43 ----D---- C:\Users\PC\AppData\Roaming\Babylon
2013-10-12 16:28:36 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-10-12 16:28:33 ----D---- C:\ProgramData\SendMails
2013-10-12 16:28:31 ----D---- C:\ProgramData\Origin
2013-10-12 16:28:29 ----D---- C:\ProgramData\Microsoft Help
2013-10-12 16:28:15 ----RD---- C:\Users
2013-10-12 16:28:15 ----HD---- C:\ProgramData\Common Files
2013-10-12 16:28:15 ----D---- C:\ProgramData\BOINC
2013-10-12 16:28:15 ----D---- C:\ProgramData\Ashampoo
2013-10-12 14:44:30 ----D---- C:\Windows\ShellNew
2013-10-11 12:05:18 ----D---- C:\Windows\system32\catroot2
2013-10-09 18:18:39 ----D---- C:\Program Files\DVDVideoSoft
2013-10-09 18:18:26 ----RSD---- C:\Windows\assembly
2013-10-09 18:18:18 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2013-10-05 13:26:19 ----D---- C:\Windows\system32\drivers
2013-10-03 17:19:34 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-03 17:18:49 ----D---- C:\Windows\system32\catroot
2013-10-03 17:18:48 ----D---- C:\Windows\system32\DriverStore
2013-10-03 17:18:34 ----D---- C:\Temp
2013-10-02 12:54:08 ----HD---- C:\ProgramData
2013-09-30 20:43:03 ----D---- C:\Windows\winsxs
2013-09-30 15:54:33 ----A---- C:\Windows\PhotoSnapViewer.INI
2013-09-29 18:29:42 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-31 466008]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-11-08 26984]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-04-19 113072]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér; C:\Windows\system32\DRIVERS\l260x86.sys [2009-07-14 29184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-12-13 3921448]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 22344]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2013-08-20 33568]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-09-19 10088]
S3 a8qpw89s;a8qpw89s; C:\Windows\system32\drivers\a8qpw89s.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-24 80824]
S3 kbfilter;kbfilter; C:\Windows\system32\DRIVERS\kbfilter.sys [2013-09-11 61728]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 181432]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14573856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 662816]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-12-06 76888]
R2 PwmSvc;Trend Micro DirectPass Central Control Service; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [2013-09-11 230424]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2013-01-31 1724192]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-20 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-19 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

Karlik45
Level 5 - BAN
Posts: 38
Registered: 28 Oct 2013 11:12

Re: Please check my log

#2 Post by Karlik45 »

here is the log
Attachments
loggg.rar
here is the log
(92.44 KiB) Downloaded 41 times

Karlik45
Level 5 - BAN
Posts: 38
Registered: 28 Oct 2013 11:12

Re: Please check my log

#3 Post by Karlik45 »

When I launch ComboFix I confirm that I want to run it, then it loads some data and about halfway through my computer restarts.. it does this every time... should I try safe mode?

I tried safe mode and it doesn't work there either. The PC simply restarts; it also does it when I want to download a file, it restarts right away. I also tried to start cmd, but again a restart... This is going to be fun.

PS: Luckily my internet speed is fine, so I downloaded ComboFix before the PC managed to restart.

Karlik45
Level 5 - BAN
Posts: 38
Registered: 28 Oct 2013 11:12

Re: Please check my log

#4 Post by Karlik45 »

Hello,

Aren't you using a different version of PC Hunter? Because I can't follow the guide. I found the first step and unchecked what you wrote to me, but in the second step, where I was supposed to go to the Message Hook tab, I couldn't find it; I then found it as a sub-tab under Ring3 Hooks, but when I clicked on it there was no option, just an empty table, and even when I hit Refresh there was still nothing. I also tried unchecking Only Show Global Hook, and then something showed up, but nothing related to this was there.
winlogon.exe - C:\Users\PC\AppData\Local\winlogon.exe - WH_MSGFILTER - msvbvm60.dll
lsass.exe - C:\Users\PC\AppData\Local\lsass.exe - WH_MSGFILTER - msvbvm60.dll

I wanted to attach a screenshot for clarity, but when I started Paint my computer restarted again.

Karlik45
Level 5 - BAN
Posts: 38
Registered: 28 Oct 2013 11:12

Re: Please check my log

#5 Post by Karlik45 »

Yes, I have the Startup Info tab there, and also Process and others..

But now the important part.. after I found the Message Hooks sub-tab under the Ring3 Hooks tab, I unchecked it and found the 2 things you wrote about (I looked wrong before, sorry). So I followed the guide, and when I used Force kill on one of those 3 things (I no longer remember which one), my icons and taskbar disappeared and only the PC Hunter program remained, and after a moment it restarted and then a blue screen of death came up and I had to restore the system.. I think I followed the guide 100 percent and was careful, but maybe it would be better to rewrite the guide for dummies :D

Re: Request for a check

#6 Post by Karlik45 »

I'M LOOKING AND LOOKING but I don't see the mentioned files in the Startup Info tab.

Re: Request for a check

#7 Post by Karlik45 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by PC at 2013-10-29 20:09:58
Microsoft Windows 7 Ultimate
System drive C: has 9 GB (19%) free of 50 GB
Total RAM: 2048 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:10:09, on 29.10.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\PC\AppData\Local\winlogon.exe
C:\Windows\system32\taskmgr.exe
C:\Users\PC\AppData\Local\services.exe
C:\Users\PC\AppData\Local\lsass.exe
C:\Windows\explorer.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\PC\Desktop\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP ... 4&tsp=4953
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: Shell=Explorer.exe "C:\Windows\KesenjanganSosial.exe"
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\Windows\ShellNew\RakyatKelaparan.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [RGSC] D:\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Tok-Cirrhatus-1167] "C:\Users\PC\AppData\Local\br3357on.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3438367943-3009045665-384546852-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3438367943-3009045665-384546852-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: AutorunsDisabled
O4 - Startup: Empty.pif = ?
O4 - Startup: Startup.exe
O4 - Global Startup: Startup.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: AutorunsDisabled - (no CLSID) - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Trend Micro DirectPass Central Control Service (PwmSvc) - Trend Micro Inc. - C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

--
End of file - 7904 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

"{8197dd50-b252-4b08-a1be-1277f22357bb}"=C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll
npwachk.dll

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\extensions\
ffxtlbr@delta.com

C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\searchplugins\
babylon.xml
searchplugins.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-08-27 1028896]
"Bron-Spizaetus"=C:\Windows\ShellNew\RakyatKelaparan.exe [2013-05-22 45417]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2012-12-22 969104]
"RGSC"=D:\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Tok-Cirrhatus-1167"=C:\Users\PC\AppData\Local\br3357on.exe [2013-05-22 45417]
"Tok-Cirrhatus"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-05-04 955792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-05-04 21392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PwmConsole.exe]
C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2013-09-11 1168408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-12-13 11487848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-12-22 969104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk]
C:\Program Files\BinarySense\HDDlife 4\HDDlifePro.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Startup.exe

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
AutorunsDisabled
Empty.pif
Startup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=1
"DisableCMD"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoFolderOptions"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-28 18:10:37 ----A---- C:\Windows\ntbtlog.txt
2013-10-28 18:00:12 ----D---- C:\Windows\erdnt
2013-10-28 18:00:10 ----D---- C:\32788R22FWJFW
2013-10-25 20:30:48 ----D---- C:\rsit
2013-10-25 11:43:43 ----HD---- C:\Windows\PIF
2013-10-21 12:32:20 ----D---- C:\Fifa 14 UE
2013-10-08 18:36:06 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2013-10-04 12:40:11 ----D---- C:\Program Files\MegaDev
2013-10-03 16:19:34 ----D---- C:\Program Files\AGEIA Technologies
2013-10-03 16:15:49 ----A---- C:\Windows\system32\nvopencl.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\nvoglv32.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\NvIFR.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\NvFBC.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\nvdispgenco3232723.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\nvdispco3232723.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\nvcuvid.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\nvcuda.dll
2013-10-03 16:15:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2013-10-03 16:15:47 ----A---- C:\Windows\system32\nvcompiler.dll
2013-10-03 16:11:05 ----A---- C:\Windows\system32\nvaudcap32v.dll
2013-10-03 16:11:05 ----A---- C:\Windows\system32\drivers\nvvad32v.sys
2013-10-02 14:27:01 ----D---- C:\Users\PC\AppData\Roaming\LolClient
2013-10-02 11:55:00 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-10-02 11:55:00 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-10-02 11:54:58 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-10-02 11:54:47 ----SHD---- C:\Windows\system32\AI_RecycleBin
2013-10-02 11:54:08 ----D---- C:\ProgramData\PMB Files
2013-10-02 11:54:05 ----D---- C:\Program Files\Pando Networks
2013-10-02 11:53:24 ----D---- C:\Users\PC\AppData\Roaming\Riot Games
2013-09-30 19:44:13 ----SHD---- C:\ProgramData\DSS
2013-09-30 19:44:12 ----D---- C:\ProgramData\Codemasters
2013-09-30 19:42:05 ----A---- C:\Windows\system32\rapture3d_oal.dll
2013-09-30 19:42:05 ----A---- C:\Windows\system32\mkl_blueripple.dll
2013-09-30 19:42:04 ----D---- C:\Program Files\BRS
2013-09-30 19:42:03 ----RA---- C:\Windows\system32\tmpD32E.tmp
2013-09-30 19:42:03 ----D---- C:\Program Files\OpenAL
2013-09-30 19:42:03 ----A---- C:\Windows\system32\wrap_oal.dll
2013-09-30 19:42:03 ----A---- C:\Windows\system32\OpenAL32.dll

======List of files/folders modified in the last 1 month======

2013-10-29 20:09:59 ----D---- C:\Program Files\Trend Micro
2013-10-29 20:09:57 ----D---- C:\Windows\Temp
2013-10-29 20:08:49 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2013-10-29 20:07:38 ----D---- C:\Windows\system32\drivers\etc
2013-10-29 19:31:52 ----D---- C:\Windows\System32
2013-10-29 19:31:52 ----D---- C:\Windows\inf
2013-10-29 19:31:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-29 19:26:48 ----D---- C:\ProgramData\NVIDIA
2013-10-29 19:25:27 ----D---- C:\Windows\system32\config
2013-10-29 19:25:23 ----RD---- C:\Users
2013-10-29 19:25:23 ----D---- C:\Windows\Tasks
2013-10-29 19:25:23 ----D---- C:\Windows\system32\wfp
2013-10-29 19:25:23 ----D---- C:\Windows\system32\wbem
2013-10-29 19:25:23 ----D---- C:\Windows\system32\DriverStore
2013-10-29 19:25:23 ----D---- C:\Windows\system32\drivers
2013-10-29 19:25:23 ----D---- C:\Windows\system32\catroot2
2013-10-29 19:25:23 ----D---- C:\Windows\ShellNew
2013-10-29 19:25:23 ----D---- C:\Windows
2013-10-29 19:25:23 ----D---- C:\Users\PC\AppData\Roaming\WinRAR
2013-10-29 19:25:23 ----D---- C:\Users\PC\AppData\Roaming\Winamp
2013-10-29 19:25:23 ----D---- C:\Users\PC\AppData\Roaming\TS3Client
2013-10-29 19:25:23 ----D---- C:\Users\PC\AppData\Roaming\Skype
2013-10-29 19:25:21 ----D---- C:\Users\PC\AppData\Roaming\Origin
2013-10-29 19:25:19 ----D---- C:\Users\PC\AppData\Roaming\ICQ
2013-10-29 19:25:19 ----D---- C:\Users\PC\AppData\Roaming\DVDVideoSoft
2013-10-29 19:25:19 ----D---- C:\Users\PC\AppData\Roaming\Delta
2013-10-29 19:25:19 ----D---- C:\Users\PC\AppData\Roaming\Babylon
2013-10-29 19:25:11 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-10-29 19:25:11 ----D---- C:\ProgramData\SendMails
2013-10-29 19:25:11 ----D---- C:\ProgramData\Origin
2013-10-29 19:25:07 ----D---- C:\ProgramData\Microsoft Help
2013-10-29 19:25:06 ----HD---- C:\ProgramData\Common Files
2013-10-29 19:25:06 ----D---- C:\ProgramData\BOINC
2013-10-29 19:25:06 ----D---- C:\ProgramData\Ashampoo
2013-10-29 19:24:29 ----D---- C:\Windows\registration
2013-10-29 19:22:29 ----SHD---- C:\System Volume Information
2013-10-29 19:22:00 ----D---- C:\Windows\system32\LogFiles
2013-10-28 11:19:10 ----D---- C:\Program Files\Origin
2013-10-25 16:36:41 ----D---- C:\Program Files\The KMPlayer
2013-10-21 20:10:26 ----D---- C:\Windows\Prefetch
2013-10-21 13:14:26 ----D---- C:\Program Files
2013-10-20 13:52:59 ----D---- C:\Windows\system32\Tasks
2013-10-20 13:52:44 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-10-15 17:06:02 ----SHD---- C:\Windows\Installer
2013-10-09 17:18:39 ----D---- C:\Program Files\DVDVideoSoft
2013-10-09 17:18:26 ----RSD---- C:\Windows\assembly
2013-10-09 17:18:18 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2013-10-03 16:19:34 ----D---- C:\Program Files\NVIDIA Corporation
2013-10-03 16:18:49 ----D---- C:\Windows\system32\catroot
2013-10-03 16:18:34 ----D---- C:\Temp
2013-10-02 11:54:08 ----HD---- C:\ProgramData
2013-09-30 19:43:03 ----D---- C:\Windows\winsxs
2013-09-30 14:54:33 ----A---- C:\Windows\PhotoSnapViewer.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-01-31 466008]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-11-08 26984]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-04-19 113072]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet - adaptér; C:\Windows\system32\DRIVERS\l260x86.sys [2009-07-13 29184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-12-13 3921448]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 22344]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2013-08-20 33568]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [2012-09-19 10088]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 30312]
S3 axmtekac;axmtekac; C:\Windows\system32\drivers\axmtekac.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-24 80824]
S3 kbfilter;kbfilter; C:\Windows\system32\DRIVERS\kbfilter.sys [2013-09-11 61728]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 181432]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-08-27 14573856]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-09-12 662816]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-08-27 2155296]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-12-06 76888]
R2 PwmSvc;Trend Micro DirectPass Central Control Service; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [2013-09-11 230424]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-12 414496]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2012-03-19 2666880]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [2013-01-31 1724192]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-06-03 162408]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-05-20 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-19 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Request for a check

#8 Post by Karlik45 »

okay, tomorrow then :)

Re: Request for a check

#9 Post by Karlik45 »

ok, I'll try it, but I have the option of writing from my phone, that wouldn't be a problem, would it? :)

Re: Request for a check

#10 Post by Karlik45 »

OK, so it worked. Everything went according to plan except for one hitch.

this step:
Startup tab, option "Delete (Startup And File)"

Bron-Spizaetus - C:\Windows\ShellNew\RakyatKelaparan.exe - - [\Registry\Machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Bron-Spizaetus]
Tok-Cirrhatus-1167 - C:\Users\PC\AppData\Local\br3357on.exe - - [\REGISTRY\USER\S-1-5-21-3438367943-3009045665-384546852-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Tok-Cirrhatus-1167]
Empty.pif - C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif - - [C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif]
Startup.exe - C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Startup.exe - - [C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Startup.exe]
Startup.exe - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Startup.exe - - [C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Startup.exe]
Shell - Explorer.exe "C:\Windows\KesenjanganSosial.exe" - - [\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Shell]

worked for me, except for the last file, Shell - Explorer.exe; it was there, but when I right-clicked on it the "Delete (Startup And File)" option wasn't available for it, so I left it alone and did a force system reboot. Now I'm here and asking: do you want to see the RSIT log, or should I try running ComboFix?

Re: Request for a check

#11 Post by Karlik45 »

I apologize,

I didn't understand your first and second lines.

So I jumped to the third one and tried running ComboFix in safe mode, but the same thing keeps happening, the computer restarts by itself. :boxed:

Re: Request for a check

#12 Post by Karlik45 »

Sometimes I somehow can't understand the way you express yourself :D But that's most likely my fault. So did I understand correctly that I should follow the guide you sent me the link to?

Karlik45
Level 5 - BAN
Posts: 38
Registered: 28 Oct 2013 11:12

Re: Please check my log

#13 Post by Karlik45 »

Wow, this is going to be fun, since I don't have a printer :D I'll try studying it for five minutes and then get started :D

Karlik45
Level 5 - BAN
Posts: 38
Registered: 28 Oct 2013 11:12

Re: Please check my log

#14 Post by Karlik45 »

So, another snag.

After studying it carefully, I eagerly went ahead and restarted the PC, then pressed F8 and chose Safe Mode with Command Prompt. Fine, the PC boots, I enter my password, and again I have only a black screen in front of me (I always get that; to make the icons appear I always have to press CTRL+ALT+DEL and choose to run a new task, Explorer.exe). So I waited a while, but no command prompt appeared on its own, so I tried it manually and simply typed CMD, but of course the PC restarted. So I pressed F8 again, the same story again, except that this time in safe mode I went to the flash drive and ran FRST the usual way, so I don't know whether it will be of any use to you :X

Log here:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2013
Ran by PC (administrator) on PC-PC on 30-10-2013 18:26:13
Running from G:\
Microsoft Windows 7 Ultimate (X86) OS Language: Czech
Internet Explorer Version 8
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) ===================

() C:\Users\PC\AppData\Local\winlogon.exe
() C:\Users\PC\AppData\Local\services.exe
() C:\Users\PC\AppData\Local\lsass.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Nvtmru] - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [Bron-Spizaetus] - C:\Windows\ShellNew\RakyatKelaparan.exe [45417 2013-05-22] ()
HKLM\...\Winlogon: [Shell] Explorer.exe "C:\Windows\KesenjanganSosial.exe" [x ] ()
HKCU\...\Run: [uTorrent] - C:\Program Files\uTorrent\uTorrent.exe [969104 2012-12-22] (BitTorrent, Inc.)
HKCU\...\Run: [RGSC] - D:\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKCU\...\Run: [Tok-Cirrhatus] - [x]
HKCU\...\Run: [Tok-Cirrhatus-1167] - C:\Users\PC\AppData\Local\br3357on.exe [45417 2013-05-22] ()
HKCU\...\Policies\system: [DisableRegistryTools] 1
HKCU\...\Policies\system: [DisableCMD] 0
HKCU\...\Policies\Explorer: [NoFolderOptions] 1
MountPoints2: F - F:\Autorun.exe
MountPoints2: G - G:\Autorun.exe
MountPoints2: H - H:\AUTORUN.EXE
MountPoints2: {79bfb319-5f0d-11e2-965c-00e04d6bc9d5} - F:\MediaManager.exe
MountPoints2: {c0f64e8e-bf91-11e1-9f51-00e04d6bc9d5} - F:\Startme.exe
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif ()
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Startup.exe ()
AlternateShell: cmd-brontok.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP ... 4&tsp=4953
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: ATTENTION ==> Default URLSearchHook is missing.
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-search.com/?q={search ... 4&tsp=4953
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: AutorunsDisabled\skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 109.231.191.1 109.231.191.3

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default
FF user.js: detected! => C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=786800E04D6BC9D5&affID=121564&tsp=4953
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\PC\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\searchplugins\searchplugins.exe
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Delta Toolbar - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\Extensions\ffxtlbr@delta.com
FF Extension: No Name - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\Extensions\extensions.exe
FF Extension: No Name - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\78yi2wbv.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF HKLM\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt
FF Extension: Trend Micro DirectPass Firefox Erweiterung - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - C:\Program Files\Trend Micro\TMIDS\PwmChromeExt\PwmChromeExt.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\13.2.0.5\avg.crx
CHR HKLM\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\PC\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx
CHR StartMenuInternet: Google Chrome - C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [654408 2012-04-04] (Malwarebytes Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14573856 2013-08-27] (NVIDIA Corporation)
S2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-12-06] ()
S2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [230424 2013-09-11] (Trend Micro Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155320 2012-01-18] (Avanquest Software)
S2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-31] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 Atc002; C:\Windows\System32\DRIVERS\l260x86.sys [29184 2009-07-13] (Atheros Communications, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [26984 2012-11-08] (AVG Technologies)
S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [61728 2013-09-11] (Trend Micro Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)
S1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113072 2012-04-19] (Power Software Ltd)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-31] (Duplex Secure Ltd.)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-09-19] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-30 18:26 - 2013-10-30 18:26 - 00000000 ____D C:\FRST
2013-10-30 18:19 - 2013-10-30 18:19 - 01089275 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2013-10-30 17:25 - 2013-10-30 17:25 - 00002133 _____ C:\Users\PC\Desktop\Nový textový dokument.txt
2013-10-30 17:18 - 2013-10-30 17:18 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-30
2013-10-29 10:16 - 2013-10-29 10:16 - 00038116 _____ C:\Users\PC\Desktop\DontSleep.zip
2013-10-29 08:56 - 2013-10-29 08:56 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-29
2013-10-28 20:32 - 2013-10-28 20:32 - 00060903 _____ C:\Users\PC\Desktop\POTVRZENÉ TERMÍNY Ostrava listopad.xlsx
2013-10-28 18:00 - 2013-10-30 17:50 - 00000000 ____D C:\32788R22FWJFW
2013-10-28 18:00 - 2013-10-29 19:25 - 00000000 ____D C:\Windows\erdnt
2013-10-28 17:56 - 2013-10-28 17:59 - 05136694 ____R (Swearware) C:\Users\PC\Desktop\ComboFix.exe
2013-10-28 16:28 - 2013-10-28 16:28 - 00094658 _____ C:\Users\PC\Desktop\loggg.rar
2013-10-28 15:48 - 2013-10-30 18:11 - 00000560 _____ C:\Users\PC\AppData\Local\JunkAtx.bin
2013-10-28 14:19 - 2013-10-30 17:28 - 00000000 ____D C:\Users\PC\Desktop\dfgfdg
2013-10-28 14:18 - 2013-10-28 14:18 - 06697210 _____ C:\Users\PC\Desktop\PCHunter_free.zip
2013-10-28 10:58 - 2013-10-28 10:58 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-28
2013-10-27 12:34 - 2013-10-27 12:34 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-27
2013-10-26 15:29 - 2013-10-26 15:29 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-26
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\rsit
2013-10-25 16:18 - 2013-10-25 16:18 - 00325834 _____ C:\Users\PC\Desktop\Euro-Truck-Simulator-2-going-east-CRACK.rar
2013-10-25 15:13 - 2013-10-29 19:25 - 00000000 ____D C:\Users\PC\Desktop\44656E6973
2013-10-25 11:43 - 2013-10-25 11:43 - 00000000 ___HD C:\Windows\PIF
2013-10-25 11:39 - 2013-10-25 20:30 - 00781383 _____ C:\Users\PC\Desktop\RSIT.exe
2013-10-25 11:33 - 2013-10-25 11:33 - 00034162 _____ C:\Users\PC\Desktop\EuroTruckSimulator2_1_5_2_dlc_east_setup_with_patch.exe.torrent
2013-10-25 11:26 - 2013-10-25 15:09 - 441539536 _____ (SCS Software ) C:\Users\PC\Desktop\EuroTruckSimulator2_1_5_2_dlc_east_setup_with_patch.exe
2013-10-25 06:01 - 2013-10-25 06:01 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-25
2013-10-24 19:46 - 2013-10-29 19:25 - 00000000 ____D C:\Users\PC\Desktop\pdf
2013-10-24 12:07 - 2013-10-24 12:07 - 01005750 _____ C:\Users\PC\Desktop\pdf.rar
2013-10-24 11:46 - 2013-10-24 11:46 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-24
2013-10-23 06:19 - 2013-10-23 06:19 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-23
2013-10-22 11:05 - 2013-10-22 11:05 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-22
2013-10-21 17:39 - 2013-10-21 17:39 - 00027136 ____N C:\Users\PC\Desktop\OSTRAVA Listopad.xls
2013-10-21 12:32 - 2013-10-21 12:33 - 00000000 ____D C:\Fifa 14 UE
2013-10-21 11:42 - 2013-10-21 11:42 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-21
2013-10-20 13:52 - 2013-10-20 13:52 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-20
2013-10-19 21:19 - 2013-10-19 21:20 - 67585472 _____ C:\Users\PC\Desktop\Film.wmv
2013-10-19 21:15 - 2013-10-19 21:15 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-19
2013-10-18 20:36 - 2013-10-29 19:25 - 00000000 ____D C:\Users\PC\Desktop\pokoj
2013-10-18 11:07 - 2013-10-18 11:07 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-18
2013-10-17 13:25 - 2013-10-17 13:25 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-17
2013-10-16 13:16 - 2013-10-16 13:16 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-16
2013-10-15 11:59 - 2013-10-15 11:59 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-15
2013-10-14 16:05 - 2013-10-14 16:05 - 00000020 _____ C:\Users\PC\Desktop\subaru impreza.rar
2013-10-14 13:14 - 2013-10-14 13:14 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-14
2013-10-12 23:00 - 2013-10-12 23:00 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-13
2013-10-12 13:52 - 2013-10-12 13:52 - 00000000 ____D C:\Users\PC\AppData\Local\Ok-SendMail-Bron-tok
2013-10-12 13:49 - 2013-10-30 18:12 - 00001064 ____N C:\Users\PC\AppData\Local\NetMailTmp.bin
2013-10-12 13:49 - 2013-10-29 19:25 - 00000000 ____D C:\Users\PC\AppData\Local\Loc.Mail.Bron.Tok
2013-10-12 13:49 - 2013-10-12 13:49 - 00000051 _____ C:\Users\PC\AppData\Local\Kosong.Bron.Tok.txt
2013-10-12 13:44 - 2013-10-12 13:44 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-12
2013-10-11 17:58 - 2013-10-11 17:59 - 00063027 _____ C:\Users\PC\Desktop\POTVRZENÉ TERMÍNY Ostrava říjen 2.pol.xlsx
2013-10-09 17:18 - 2013-10-09 17:18 - 00002232 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-10-09 17:08 - 2013-10-29 19:25 - 00000000 ____D C:\Users\PC\Desktop\aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2013-10-08 18:36 - 2013-10-09 15:36 - 17750408 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-10-07 18:47 - 2013-10-07 18:47 - 00026112 ____N C:\Users\PC\Desktop\OSTRAVA Říjen.xls
2013-10-07 13:36 - 2013-10-29 19:25 - 00000000 ____D C:\Users\PC\Desktop\prohlaSENI
2013-10-04 12:43 - 2013-10-04 12:43 - 00000007 _____ C:\Users\PC\Documents\mt-e_hook.txt
2013-10-04 12:40 - 2013-10-04 12:40 - 00000000 ____D C:\Program Files\MegaDev
2013-10-04 12:01 - 2013-10-04 12:01 - 00000000 ____D C:\Users\PC\Documents\Eden Games
2013-10-04 11:56 - 2013-10-04 11:56 - 00000000 ____D C:\Users\PC\AppData\Local\CrashRpt
2013-10-03 20:13 - 2013-10-03 20:13 - 00000526 _____ C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
2013-10-03 16:19 - 2013-10-03 16:19 - 00000000 ____D C:\Program Files\AGEIA Technologies
2013-10-03 16:15 - 2013-09-12 09:51 - 22102304 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 17560352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 09253664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2013-10-03 16:15 - 2013-09-12 09:51 - 07720576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 06329552 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 02789152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 02007328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 01049376 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3232723.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 00893728 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3232723.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 00586016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2013-10-03 16:15 - 2013-09-12 09:51 - 00515360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2013-10-03 16:11 - 2013-08-20 14:33 - 00033568 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2013-10-03 16:11 - 2013-08-20 14:32 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2013-10-03 16:07 - 2013-10-29 19:25 - 00000000 ____D C:\Users\PC\Documents\Euro Truck Simulator 2
2013-10-03 16:07 - 2013-10-03 16:07 - 00000811 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
2013-10-02 14:27 - 2013-10-02 14:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\LolClient
2013-10-02 11:55 - 2008-07-12 07:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2013-10-02 11:55 - 2008-07-12 07:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2013-10-02 11:54 - 2013-10-29 19:25 - 00000000 ____D C:\Users\PC\AppData\Local\PMB Files
2013-10-02 11:54 - 2013-10-29 19:25 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-02 11:54 - 2013-10-02 11:54 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2013-10-02 11:54 - 2013-10-02 11:54 - 00000000 ____D C:\Program Files\Pando Networks
2013-10-02 11:54 - 2008-07-12 07:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2013-10-02 11:53 - 2013-10-02 11:54 - 00000000 ____D C:\Users\PC\AppData\Roaming\Riot Games
2013-09-30 19:44 - 2013-09-30 19:44 - 00000000 __SHD C:\ProgramData\DSS
2013-09-30 19:44 - 2013-09-30 19:44 - 00000000 ____D C:\ProgramData\Codemasters
2013-09-30 19:42 - 2013-09-30 19:42 - 00444952 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-09-30 19:42 - 2013-09-30 19:42 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-09-30 19:42 - 2013-09-30 19:42 - 00000000 ____D C:\Program Files\OpenAL
2013-09-30 19:42 - 2013-09-30 19:42 - 00000000 ____D C:\Program Files\BRS
2013-09-30 19:42 - 2011-04-16 00:40 - 00809496 ____R (Creative Labs Inc.) C:\Windows\system32\tmpD32E.tmp
2013-09-30 19:42 - 2011-03-19 14:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\Windows\system32\rapture3d_oal.dll
2013-09-30 19:42 - 2010-09-22 12:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\Windows\system32\mkl_blueripple.dll

==================== One Month Modified Files and Folders =======

2013-10-30 18:26 - 2013-10-30 18:26 - 00000000 ____D C:\FRST
2013-10-30 18:21 - 2012-06-05 19:14 - 00000000 ____D C:\Users\PC\AppData\Roaming\uTorrent
2013-10-30 18:21 - 2012-04-20 09:00 - 01594816 _____ C:\Windows\WindowsUpdate.log
2013-10-30 18:19 - 2013-10-30 18:19 - 01089275 _____ (Farbar) C:\Users\PC\Desktop\FRST.exe
2013-10-30 18:19 - 2012-04-20 09:07 - 01575230 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-30 18:12 - 2013-10-12 13:49 - 00001064 ____N C:\Users\PC\AppData\Local\NetMailTmp.bin
2013-10-30 18:11 - 2013-10-28 15:48 - 00000560 _____ C:\Users\PC\AppData\Local\JunkAtx.bin
2013-10-30 18:06 - 2013-02-17 08:41 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-30 18:06 - 2013-02-17 08:41 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-30 17:56 - 2009-07-14 05:34 - 00019568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-30 17:56 - 2009-07-14 05:34 - 00019568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-30 17:51 - 2013-03-29 10:11 - 00619999 _____ C:\Windows\setupact.log
2013-10-30 17:51 - 2012-04-27 14:28 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-30 17:51 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-30 17:50 - 2013-10-28 18:00 - 00000000 ____D C:\32788R22FWJFW
2013-10-30 17:35 - 2009-07-14 10:20 - 00000000 ____D C:\Windows\ShellNew
2013-10-30 17:28 - 2013-10-28 14:19 - 00000000 ____D C:\Users\PC\Desktop\dfgfdg
2013-10-30 17:25 - 2013-10-30 17:25 - 00002133 _____ C:\Users\PC\Desktop\Nový textový dokument.txt
2013-10-30 17:18 - 2013-10-30 17:18 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-30
2013-10-29 20:09 - 2012-07-01 20:11 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-29 19:27 - 2012-04-20 09:03 - 00000000 ____D C:\Users\PC
2013-10-29 19:25 - 2013-10-28 18:00 - 00000000 ____D C:\Windows\erdnt
2013-10-29 19:25 - 2013-10-25 15:13 - 00000000 ____D C:\Users\PC\Desktop\44656E6973
2013-10-29 19:25 - 2013-10-24 19:46 - 00000000 ____D C:\Users\PC\Desktop\pdf
2013-10-29 19:25 - 2013-10-18 20:36 - 00000000 ____D C:\Users\PC\Desktop\pokoj
2013-10-29 19:25 - 2013-10-12 13:49 - 00000000 ____D C:\Users\PC\AppData\Local\Loc.Mail.Bron.Tok
2013-10-29 19:25 - 2013-10-09 17:08 - 00000000 ____D C:\Users\PC\Desktop\aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
2013-10-29 19:25 - 2013-10-07 13:36 - 00000000 ____D C:\Users\PC\Desktop\prohlaSENI
2013-10-29 19:25 - 2013-10-03 16:07 - 00000000 ____D C:\Users\PC\Documents\Euro Truck Simulator 2
2013-10-29 19:25 - 2013-10-02 11:54 - 00000000 ____D C:\Users\PC\AppData\Local\PMB Files
2013-10-29 19:25 - 2013-10-02 11:54 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-29 19:25 - 2013-07-15 19:27 - 00000000 ____D C:\Users\PC\Desktop\Aura
2013-10-29 19:25 - 2013-07-07 19:17 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-10-29 19:25 - 2013-06-25 16:28 - 00000000 ____D C:\Users\PC\AppData\Roaming\Delta
2013-10-29 19:25 - 2013-06-25 16:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\Babylon
2013-10-29 19:25 - 2013-06-09 23:28 - 00000000 ____D C:\Users\PC\Documents\Bully Scholarship Edition
2013-10-29 19:25 - 2013-05-24 20:52 - 00000000 ____D C:\Users\PC\Documents\NHL09
2013-10-29 19:25 - 2013-05-24 20:10 - 00000000 ____D C:\ProgramData\Ashampoo
2013-10-29 19:25 - 2013-02-20 14:49 - 00000000 ____D C:\Users\PC\Desktop\DANTEM
2013-10-29 19:25 - 2013-02-05 23:26 - 00000000 ___RD C:\Users\PC\Documents\Notes
2013-10-29 19:25 - 2013-02-05 19:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-29 19:25 - 2013-01-31 18:27 - 00000000 ____D C:\Users\PC\Documents\GTA San Andreas User Files
2013-10-29 19:25 - 2013-01-29 21:37 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eTesty - autoškola
2013-10-29 19:25 - 2012-12-24 14:51 - 00000000 ____D C:\Users\PC\AppData\Roaming\Origin
2013-10-29 19:25 - 2012-12-24 14:50 - 00000000 ____D C:\ProgramData\Origin
2013-10-29 19:25 - 2012-12-24 14:47 - 00000000 ____D C:\Users\PC\Documents\FIFA 13
2013-10-29 19:25 - 2012-11-16 22:24 - 00000000 ____D C:\Users\PC\AppData\Roaming\TS3Client
2013-10-29 19:25 - 2012-11-01 18:36 - 00000000 ____D C:\Users\PC\AppData\Roaming\DVDVideoSoft
2013-10-29 19:25 - 2012-10-06 14:33 - 00000000 ____D C:\ProgramData\BOINC
2013-10-29 19:25 - 2012-09-29 14:40 - 00000000 ____D C:\Users\PC\AppData\Roaming\ICQ
2013-10-29 19:25 - 2012-09-26 18:04 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2013-10-29 19:25 - 2012-09-08 12:22 - 00000000 ___HD C:\Users\PC\Fotky
2013-10-29 19:25 - 2012-08-19 14:26 - 00000000 ____D C:\Users\PC\Documents\SCANIA Truck Driving Simulator
2013-10-29 19:25 - 2012-05-17 19:17 - 00000000 ____D C:\ProgramData\SendMails
2013-10-29 19:25 - 2012-04-27 14:28 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-29 19:25 - 2012-04-27 14:28 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-29 19:25 - 2012-04-26 14:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Winamp
2013-10-29 19:25 - 2012-04-26 14:25 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2013-10-29 19:25 - 2012-04-26 03:22 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype
2013-10-29 19:25 - 2012-04-25 19:46 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-10-29 19:25 - 2012-04-20 09:37 - 00000000 ____D C:\Users\PC\AppData\Roaming\WinRAR
2013-10-29 19:25 - 2012-04-20 09:37 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-10-29 19:25 - 2012-04-20 09:12 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2013-10-29 19:25 - 2012-04-20 09:05 - 00000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-29 19:25 - 2012-04-20 09:03 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-29 19:25 - 2012-04-20 09:03 - 00000000 ___RD C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-29 19:25 - 2009-07-14 10:20 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-10-29 19:25 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2013-10-29 19:25 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2013-10-29 19:25 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-10-29 19:25 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-29 19:25 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-29 19:25 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-29 19:25 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-29 19:25 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2013-10-29 19:24 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-10-29 19:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2013-10-29 10:16 - 2013-10-29 10:16 - 00038116 _____ C:\Users\PC\Desktop\DontSleep.zip
2013-10-29 08:56 - 2013-10-29 08:56 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-29
2013-10-28 20:32 - 2013-10-28 20:32 - 00060903 _____ C:\Users\PC\Desktop\POTVRZENÉ TERMÍNY Ostrava listopad.xlsx
2013-10-28 17:59 - 2013-10-28 17:56 - 05136694 ____R (Swearware) C:\Users\PC\Desktop\ComboFix.exe
2013-10-28 16:28 - 2013-10-28 16:28 - 00094658 _____ C:\Users\PC\Desktop\loggg.rar
2013-10-28 14:18 - 2013-10-28 14:18 - 06697210 _____ C:\Users\PC\Desktop\PCHunter_free.zip
2013-10-28 11:19 - 2012-12-24 14:50 - 00000000 ____D C:\Program Files\Origin
2013-10-28 10:58 - 2013-10-28 10:58 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-28
2013-10-27 12:34 - 2013-10-27 12:34 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-27
2013-10-26 15:29 - 2013-10-26 15:29 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-26
2013-10-25 20:30 - 2013-10-25 20:30 - 00000000 ____D C:\rsit
2013-10-25 20:30 - 2013-10-25 11:39 - 00781383 _____ C:\Users\PC\Desktop\RSIT.exe
2013-10-25 16:36 - 2012-04-20 09:12 - 00000000 ____D C:\Program Files\The KMPlayer
2013-10-25 16:18 - 2013-10-25 16:18 - 00325834 _____ C:\Users\PC\Desktop\Euro-Truck-Simulator-2-going-east-CRACK.rar
2013-10-25 15:09 - 2013-10-25 11:26 - 441539536 _____ (SCS Software ) C:\Users\PC\Desktop\EuroTruckSimulator2_1_5_2_dlc_east_setup_with_patch.exe
2013-10-25 11:43 - 2013-10-25 11:43 - 00000000 ___HD C:\Windows\PIF
2013-10-25 11:33 - 2013-10-25 11:33 - 00034162 _____ C:\Users\PC\Desktop\EuroTruckSimulator2_1_5_2_dlc_east_setup_with_patch.exe.torrent
2013-10-25 06:01 - 2013-10-25 06:01 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-25
2013-10-24 12:07 - 2013-10-24 12:07 - 01005750 _____ C:\Users\PC\Desktop\pdf.rar
2013-10-24 11:46 - 2013-10-24 11:46 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-24
2013-10-23 06:19 - 2013-10-23 06:19 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-23
2013-10-22 11:05 - 2013-10-22 11:05 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-22
2013-10-21 17:39 - 2013-10-21 17:39 - 00027136 ____N C:\Users\PC\Desktop\OSTRAVA Listopad.xls
2013-10-21 12:33 - 2013-10-21 12:32 - 00000000 ____D C:\Fifa 14 UE
2013-10-21 11:42 - 2013-10-21 11:42 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-21
2013-10-20 13:52 - 2013-10-20 13:52 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-20
2013-10-20 13:52 - 2012-04-28 23:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-10-20 13:52 - 2012-04-28 23:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-10-19 21:20 - 2013-10-19 21:19 - 67585472 _____ C:\Users\PC\Desktop\Film.wmv
2013-10-19 21:15 - 2013-10-19 21:15 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-19
2013-10-18 11:07 - 2013-10-18 11:07 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-18
2013-10-17 13:25 - 2013-10-17 13:25 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-17
2013-10-17 13:25 - 2009-07-14 05:53 - 00032548 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-10-16 13:16 - 2013-10-16 13:16 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-16
2013-10-15 11:59 - 2013-10-15 11:59 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-15
2013-10-14 16:05 - 2013-10-14 16:05 - 00000020 _____ C:\Users\PC\Desktop\subaru impreza.rar
2013-10-14 13:14 - 2013-10-14 13:14 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-14
2013-10-12 23:00 - 2013-10-12 23:00 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-13
2013-10-12 13:52 - 2013-10-12 13:52 - 00000000 ____D C:\Users\PC\AppData\Local\Ok-SendMail-Bron-tok
2013-10-12 13:49 - 2013-10-12 13:49 - 00000051 _____ C:\Users\PC\AppData\Local\Kosong.Bron.Tok.txt
2013-10-12 13:44 - 2013-10-12 13:44 - 00000000 ____D C:\Users\PC\AppData\Local\Bron.tok-17-12
2013-10-11 17:59 - 2013-10-11 17:58 - 00063027 _____ C:\Users\PC\Desktop\POTVRZENÉ TERMÍNY Ostrava říjen 2.pol.xlsx
2013-10-10 11:57 - 2013-04-12 07:16 - 08307310 _____ C:\Windows\PFRO.log
2013-10-09 17:18 - 2013-10-09 17:18 - 00002232 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2013-10-09 17:18 - 2013-07-07 19:17 - 00000000 ____D C:\Program Files\DVDVideoSoft
2013-10-09 17:18 - 2013-07-07 19:17 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2013-10-09 15:36 - 2013-10-08 18:36 - 17750408 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2013-10-07 18:47 - 2013-10-07 18:47 - 00026112 ____N C:\Users\PC\Desktop\OSTRAVA Říjen.xls
2013-10-04 12:43 - 2013-10-04 12:43 - 00000007 _____ C:\Users\PC\Documents\mt-e_hook.txt
2013-10-04 12:40 - 2013-10-04 12:40 - 00000000 ____D C:\Program Files\MegaDev
2013-10-04 12:01 - 2013-10-04 12:01 - 00000000 ____D C:\Users\PC\Documents\Eden Games
2013-10-04 11:56 - 2013-10-04 11:56 - 00000000 ____D C:\Users\PC\AppData\Local\CrashRpt
2013-10-03 20:13 - 2013-10-03 20:13 - 00000526 _____ C:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
2013-10-03 16:19 - 2013-10-03 16:19 - 00000000 ____D C:\Program Files\AGEIA Technologies
2013-10-03 16:19 - 2012-04-27 14:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-10-03 16:07 - 2013-10-03 16:07 - 00000811 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
2013-10-02 14:27 - 2013-10-02 14:27 - 00000000 ____D C:\Users\PC\AppData\Roaming\LolClient
2013-10-02 11:54 - 2013-10-02 11:54 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2013-10-02 11:54 - 2013-10-02 11:54 - 00000000 ____D C:\Program Files\Pando Networks
2013-10-02 11:54 - 2013-10-02 11:53 - 00000000 ____D C:\Users\PC\AppData\Roaming\Riot Games
2013-09-30 19:44 - 2013-09-30 19:44 - 00000000 __SHD C:\ProgramData\DSS
2013-09-30 19:44 - 2013-09-30 19:44 - 00000000 ____D C:\ProgramData\Codemasters
2013-09-30 19:44 - 2012-12-06 12:02 - 00000000 ____D C:\Users\PC\Documents\My Games
2013-09-30 19:42 - 2013-09-30 19:42 - 00444952 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-09-30 19:42 - 2013-09-30 19:42 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-09-30 19:42 - 2013-09-30 19:42 - 00000000 ____D C:\Program Files\OpenAL
2013-09-30 19:42 - 2013-09-30 19:42 - 00000000 ____D C:\Program Files\BRS
2013-09-30 14:54 - 2013-06-29 10:35 - 00000151 _____ C:\Windows\PhotoSnapViewer.INI

Files to move or delete:
====================
C:\Users\Default\Default.exe
C:\Users\PC\PC.exe
C:\Users\Public\Public.exe
C:\Users\UpdatusUser\UpdatusUser.exe


Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\CH.dll
C:\Users\PC\AppData\Local\Temp\KMP_3.6.0.87.exe
C:\Users\PC\AppData\Local\Temp\KMP_3.7.0.109.exe
C:\Users\PC\AppData\Local\Temp\KMP_3.7.0.113.exe
C:\Users\PC\AppData\Local\Temp\MP3_Launcher_1_27_0_0.exe
C:\Users\PC\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\PC\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\PC\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\PC\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\PC\AppData\Local\Temp\nvStInst.exe
C:\Users\PC\AppData\Local\Temp\SkypeSetup.exe
C:\Users\PC\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\PC\AppData\Local\Temp\Temp.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-21 15:50

==================== End Of Log ============================

Karlik45
Level 5 - BAN
Posts: 38
Registered: 28 Oct 2013 11:12

Re: Requesting a check

#15 Post by Karlik45 »

OK, I'm on it. By the way, just for fun I opened PC Hunter to check whether the three folders we used Force kill on are still there, and they are, and I have a feeling there is even a new one. Same thing when I looked in Startup: the files we deleted earlier are still there. But maybe that's normal, what do I know.

I'm going to try starting cmd instead of explorer.exe in safe mode.
