Přikládám log z RSIT, nemám žádné problémy s PC a budu rád když mi vymažete nepotřebné spuštěné aplikace.
Díky
--
Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2014-02-02 15:47:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 529 GB (55%) free of 954 GB
Total RAM: 4087 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:47:55, on 2.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6465 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-fbc7f9f6-ce28-41c4-95a5-dd6108017a5f -SystemEventPortName:HostProcess-1fb8e606-8098-4e38-9278-defaf703b9aa -IoCancelEventPortName:HostProcess-89de187f-5bc7-4e26-bdf6-880adf9c3a68 -NonStateChangingEventPortName:HostProcess-a88f021e-8fa9-4d5a-89e2-c8bdd9f260db -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1cc7b4fd-4c79-44f6-8236-a5570165dd54 -DeviceGroupId:WpdFsGroup
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Honza\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-24 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Honza\AppData\Roaming\ICQM\icq.exe [2013-08-20 28698984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-15 20588704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-01 14:09:39 ----D---- C:\Users\Honza\AppData\Roaming\The Creative Assembly
2014-02-01 13:46:28 ----D---- C:\Program Files (x86)\Total War ROME II
2014-01-31 22:43:09 ----D---- C:\Program Files\Bitdefender
2014-01-31 22:42:38 ----D---- C:\Users\Honza\AppData\Roaming\QuickScan
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-01-31 17:26:54 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-01-31 17:26:54 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-01-31 17:26:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-01-31 17:26:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-31 17:26:29 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-31 17:26:29 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-26 23:39:43 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-01-25 18:40:26 ----D---- C:\Users\Honza\AppData\Roaming\.minecraft
2014-01-23 16:55:23 ----D---- C:\ProgramData\Oracle
2014-01-23 16:50:27 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-22 22:51:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-02-02 15:47:54 ----D---- C:\Windows\Temp
2014-02-02 15:47:54 ----D---- C:\Program Files\trend micro
2014-02-02 15:47:41 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2014-02-02 13:53:14 ----D---- C:\Windows\System32
2014-02-02 13:53:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-02 13:42:16 ----D---- C:\ProgramData\NVIDIA
2014-02-02 13:41:09 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2014-02-02 13:32:30 ----D---- C:\Program Files (x86)\WYSIWYG Web Builder 9
2014-02-02 12:31:49 ----D---- C:\Windows\Tasks
2014-02-02 12:31:49 ----D---- C:\Windows\system32\Tasks
2014-02-01 14:08:12 ----SHD---- C:\Windows\Installer
2014-02-01 14:08:12 ----SHD---- C:\Config.Msi
2014-02-01 13:46:28 ----RD---- C:\Program Files (x86)
2014-02-01 11:39:40 ----HD---- C:\ProgramData
2014-02-01 11:39:09 ----D---- C:\Windows\system32\drivers
2014-02-01 11:37:54 ----D---- C:\Windows
2014-01-31 22:43:30 ----D---- C:\Windows\Prefetch
2014-01-31 22:43:14 ----D---- C:\Windows\system32\DriverStore
2014-01-31 22:43:14 ----D---- C:\Windows\system32\catroot
2014-01-31 22:43:14 ----D---- C:\Windows\inf
2014-01-31 22:43:09 ----RD---- C:\Program Files
2014-01-31 17:29:30 ----D---- C:\Users\Honza\AppData\Roaming\2K Sports
2014-01-31 17:28:28 ----D---- C:\Program Files (x86)\2K Sports
2014-01-31 17:26:59 ----D---- C:\Windows\SysWOW64
2014-01-31 17:26:12 ----RSD---- C:\Windows\assembly
2014-01-31 17:25:29 ----SHD---- C:\System Volume Information
2014-01-31 17:25:10 ----D---- C:\Windows\Logs
2014-01-31 17:19:29 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2014-01-27 11:04:12 ----D---- C:\Windows\system32\config
2014-01-24 18:20:56 ----D---- C:\Users\Honza\AppData\Roaming\Mozilla
2014-01-23 19:56:46 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2014-01-23 16:50:39 ----D---- C:\Program Files (x86)\Common Files
2014-01-23 16:50:23 ----D---- C:\Program Files (x86)\Java
2014-01-23 12:34:18 ----D---- C:\ProgramData\Skype
2014-01-23 12:34:16 ----RD---- C:\Program Files (x86)\Skype
2014-01-23 09:10:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-22 22:12:37 ----D---- C:\Program Files (x86)\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Users\Honza\Downloads\TuneUpPortable1\APP\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-20 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-22 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-22 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
# AdwCleaner v3.018 - Report created 02/02/2014 at 20:47:49
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Honza\AppData\Local\thinstall
Folder Deleted : C:\Users\Honza\AppData\Roaming\thinstall
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16483
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\prefs.js ]
*************************
AdwCleaner[R0].txt - [2400 octets] - [02/02/2014 20:46:49]
AdwCleaner[S0].txt - [2237 octets] - [02/02/2014 20:47:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2297 octets] ##########
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Honza - HONZA-PC
# Running from : C:\Users\Honza\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Honza\AppData\Local\thinstall
Folder Deleted : C:\Users\Honza\AppData\Roaming\thinstall
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_minecraft-skinedit_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16483
-\\ Mozilla Firefox v26.0 (cs)
[ File : C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843\prefs.js ]
*************************
AdwCleaner[R0].txt - [2400 octets] - [02/02/2014 20:46:49]
AdwCleaner[S0].txt - [2237 octets] - [02/02/2014 20:47:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2297 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2014-02-02 21:33:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 529 GB (55%) free of 954 GB
Total RAM: 4087 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:33:21, on 2.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6718 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-05cf0d51-0dca-4af6-bf66-fa4cb7375155 -SystemEventPortName:HostProcess-724010dc-854a-48a9-8658-99690f59b48d -IoCancelEventPortName:HostProcess-2e233c50-1f1a-464c-9d49-3b0dc76c667a -NonStateChangingEventPortName:HostProcess-873885cb-8276-47dd-97dd-28c927fb7752 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:db9db54a-4626-4eef-a0d9-ef91d9089967 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3876.14d66600.1596528950 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3876 "\\.\pipe\gecko-crash-server-pipe.3876" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash1760.6B0AB990.26829 --host-broker-channel=Flash1760.6B0AB990.26278 --host-pid=1760 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=768.002EF5D4.736341555 --proxy-stub-channel=Flash1760.6B0AB990.26829 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Honza\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-24 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Honza\AppData\Roaming\ICQM\icq.exe [2013-08-20 28698984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-15 20588704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-02 20:46:40 ----D---- C:\AdwCleaner
2014-02-01 14:09:39 ----D---- C:\Users\Honza\AppData\Roaming\The Creative Assembly
2014-02-01 13:46:28 ----D---- C:\Program Files (x86)\Total War ROME II
2014-01-31 22:43:09 ----D---- C:\Program Files\Bitdefender
2014-01-31 22:42:38 ----D---- C:\Users\Honza\AppData\Roaming\QuickScan
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-01-31 17:26:54 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-01-31 17:26:54 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-01-31 17:26:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-01-31 17:26:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-31 17:26:29 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-31 17:26:29 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-26 23:39:43 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-01-25 18:40:26 ----D---- C:\Users\Honza\AppData\Roaming\.minecraft
2014-01-23 16:55:23 ----D---- C:\ProgramData\Oracle
2014-01-23 16:50:27 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-22 22:51:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-02-02 21:33:20 ----D---- C:\Program Files\trend micro
2014-02-02 21:33:19 ----D---- C:\Windows\Temp
2014-02-02 20:53:03 ----D---- C:\Windows\System32
2014-02-02 20:53:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-02 20:48:39 ----D---- C:\ProgramData\NVIDIA
2014-02-02 16:12:02 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2014-02-02 13:41:09 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2014-02-02 13:32:30 ----D---- C:\Program Files (x86)\WYSIWYG Web Builder 9
2014-02-02 12:31:49 ----D---- C:\Windows\Tasks
2014-02-02 12:31:49 ----D---- C:\Windows\system32\Tasks
2014-02-01 14:08:12 ----SHD---- C:\Windows\Installer
2014-02-01 14:08:12 ----SHD---- C:\Config.Msi
2014-02-01 13:46:28 ----RD---- C:\Program Files (x86)
2014-02-01 11:39:40 ----HD---- C:\ProgramData
2014-02-01 11:39:09 ----D---- C:\Windows\system32\drivers
2014-02-01 11:37:54 ----D---- C:\Windows
2014-01-31 22:43:30 ----D---- C:\Windows\Prefetch
2014-01-31 22:43:14 ----D---- C:\Windows\system32\DriverStore
2014-01-31 22:43:14 ----D---- C:\Windows\system32\catroot
2014-01-31 22:43:14 ----D---- C:\Windows\inf
2014-01-31 22:43:09 ----RD---- C:\Program Files
2014-01-31 17:29:30 ----D---- C:\Users\Honza\AppData\Roaming\2K Sports
2014-01-31 17:28:28 ----D---- C:\Program Files (x86)\2K Sports
2014-01-31 17:26:59 ----D---- C:\Windows\SysWOW64
2014-01-31 17:26:12 ----RSD---- C:\Windows\assembly
2014-01-31 17:25:29 ----SHD---- C:\System Volume Information
2014-01-31 17:25:10 ----D---- C:\Windows\Logs
2014-01-31 17:19:29 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2014-01-27 11:04:12 ----D---- C:\Windows\system32\config
2014-01-24 18:20:56 ----D---- C:\Users\Honza\AppData\Roaming\Mozilla
2014-01-23 19:56:46 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2014-01-23 16:50:39 ----D---- C:\Program Files (x86)\Common Files
2014-01-23 16:50:23 ----D---- C:\Program Files (x86)\Java
2014-01-23 12:34:18 ----D---- C:\ProgramData\Skype
2014-01-23 12:34:16 ----RD---- C:\Program Files (x86)\Skype
2014-01-23 09:10:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-22 22:12:37 ----D---- C:\Program Files (x86)\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Users\Honza\Downloads\TuneUpPortable1\APP\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-20 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-22 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-22 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Run by Honza at 2014-02-02 21:33:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 529 GB (55%) free of 954 GB
Total RAM: 4087 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:33:21, on 2.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6718 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-05cf0d51-0dca-4af6-bf66-fa4cb7375155 -SystemEventPortName:HostProcess-724010dc-854a-48a9-8658-99690f59b48d -IoCancelEventPortName:HostProcess-2e233c50-1f1a-464c-9d49-3b0dc76c667a -NonStateChangingEventPortName:HostProcess-873885cb-8276-47dd-97dd-28c927fb7752 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:db9db54a-4626-4eef-a0d9-ef91d9089967 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3876.14d66600.1596528950 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3876 "\\.\pipe\gecko-crash-server-pipe.3876" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash1760.6B0AB990.26829 --host-broker-channel=Flash1760.6B0AB990.26278 --host-pid=1760 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=768.002EF5D4.736341555 --proxy-stub-channel=Flash1760.6B0AB990.26829 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Honza\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-24 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Honza\AppData\Roaming\ICQM\icq.exe [2013-08-20 28698984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-15 20588704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-02 20:46:40 ----D---- C:\AdwCleaner
2014-02-01 14:09:39 ----D---- C:\Users\Honza\AppData\Roaming\The Creative Assembly
2014-02-01 13:46:28 ----D---- C:\Program Files (x86)\Total War ROME II
2014-01-31 22:43:09 ----D---- C:\Program Files\Bitdefender
2014-01-31 22:42:38 ----D---- C:\Users\Honza\AppData\Roaming\QuickScan
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-01-31 17:26:54 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-01-31 17:26:54 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-01-31 17:26:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-01-31 17:26:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-31 17:26:29 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-31 17:26:29 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-26 23:39:43 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-01-25 18:40:26 ----D---- C:\Users\Honza\AppData\Roaming\.minecraft
2014-01-23 16:55:23 ----D---- C:\ProgramData\Oracle
2014-01-23 16:50:27 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-22 22:51:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-02-02 21:33:20 ----D---- C:\Program Files\trend micro
2014-02-02 21:33:19 ----D---- C:\Windows\Temp
2014-02-02 20:53:03 ----D---- C:\Windows\System32
2014-02-02 20:53:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-02 20:48:39 ----D---- C:\ProgramData\NVIDIA
2014-02-02 16:12:02 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2014-02-02 13:41:09 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2014-02-02 13:32:30 ----D---- C:\Program Files (x86)\WYSIWYG Web Builder 9
2014-02-02 12:31:49 ----D---- C:\Windows\Tasks
2014-02-02 12:31:49 ----D---- C:\Windows\system32\Tasks
2014-02-01 14:08:12 ----SHD---- C:\Windows\Installer
2014-02-01 14:08:12 ----SHD---- C:\Config.Msi
2014-02-01 13:46:28 ----RD---- C:\Program Files (x86)
2014-02-01 11:39:40 ----HD---- C:\ProgramData
2014-02-01 11:39:09 ----D---- C:\Windows\system32\drivers
2014-02-01 11:37:54 ----D---- C:\Windows
2014-01-31 22:43:30 ----D---- C:\Windows\Prefetch
2014-01-31 22:43:14 ----D---- C:\Windows\system32\DriverStore
2014-01-31 22:43:14 ----D---- C:\Windows\system32\catroot
2014-01-31 22:43:14 ----D---- C:\Windows\inf
2014-01-31 22:43:09 ----RD---- C:\Program Files
2014-01-31 17:29:30 ----D---- C:\Users\Honza\AppData\Roaming\2K Sports
2014-01-31 17:28:28 ----D---- C:\Program Files (x86)\2K Sports
2014-01-31 17:26:59 ----D---- C:\Windows\SysWOW64
2014-01-31 17:26:12 ----RSD---- C:\Windows\assembly
2014-01-31 17:25:29 ----SHD---- C:\System Volume Information
2014-01-31 17:25:10 ----D---- C:\Windows\Logs
2014-01-31 17:19:29 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2014-01-27 11:04:12 ----D---- C:\Windows\system32\config
2014-01-24 18:20:56 ----D---- C:\Users\Honza\AppData\Roaming\Mozilla
2014-01-23 19:56:46 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2014-01-23 16:50:39 ----D---- C:\Program Files (x86)\Common Files
2014-01-23 16:50:23 ----D---- C:\Program Files (x86)\Java
2014-01-23 12:34:18 ----D---- C:\ProgramData\Skype
2014-01-23 12:34:16 ----RD---- C:\Program Files (x86)\Skype
2014-01-23 09:10:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-22 22:12:37 ----D---- C:\Program Files (x86)\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Users\Honza\Downloads\TuneUpPortable1\APP\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-20 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-22 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-22 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
Logfile of random's system information tool 1.09 (written by random/random)
Run by Honza at 2014-02-02 23:25:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 529 GB (55%) free of 954 GB
Total RAM: 4087 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:25:57, on 2.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6718 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-eda4281c-a7e0-406c-8ca6-c8a5795d4f39 -
SystemEventPortName:HostProcess-f75b7fa2-17f0-47d3-9b9a-275eb5994a3d -IoCancelEventPortName:HostProcess-026ae294-8693-40c9-a5d3-65a2bb9f6146 -
NonStateChangingEventPortName:HostProcess-19db09da-45db-44a8-9363-d3d634f52c22 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7ed9bccb-8892-
4584-b557-a58ba7da3711 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3528.1fcef600.336301474 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "C:\Program Files
(x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3528 "\\.\pipe\gecko-crash-
server-pipe.3528" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash4036.6AF6B990.247 --host-broker-channel=Flash4036.6AF6B990.15475 --host-pid=4036 --host-
npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=4072.0022F31C.1713899241 --proxy-stub-channel=Flash4036.6AF6B990.247 --plugin-path="C:\Windows
\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
taskeng.exe {C01A90B9-CC99-43A5-AB2B-33C40DBA7340}
"C:\Users\Honza\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-24 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Honza\AppData\Roaming\ICQM\icq.exe [2013-08-20 28698984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-15 20588704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-02 23:21:23 ----D---- C:\_OTM
2014-02-02 20:46:40 ----D---- C:\AdwCleaner
2014-02-01 14:09:39 ----D---- C:\Users\Honza\AppData\Roaming\The Creative Assembly
2014-02-01 13:46:28 ----D---- C:\Program Files (x86)\Total War ROME II
2014-01-31 22:43:09 ----D---- C:\Program Files\Bitdefender
2014-01-31 22:42:38 ----D---- C:\Users\Honza\AppData\Roaming\QuickScan
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-01-31 17:26:54 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-01-31 17:26:54 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-01-31 17:26:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-01-31 17:26:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-31 17:26:29 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-31 17:26:29 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-26 23:39:43 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-01-25 18:40:26 ----D---- C:\Users\Honza\AppData\Roaming\.minecraft
2014-01-23 16:55:23 ----D---- C:\ProgramData\Oracle
2014-01-23 16:50:27 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-22 22:51:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-02-02 23:25:56 ----D---- C:\Program Files\trend micro
2014-02-02 23:23:42 ----D---- C:\Windows\Temp
2014-02-02 23:23:06 ----D---- C:\ProgramData\NVIDIA
2014-02-02 23:22:10 ----D---- C:\Windows
2014-02-02 20:53:03 ----D---- C:\Windows\System32
2014-02-02 20:53:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-02 16:12:02 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2014-02-02 13:41:09 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2014-02-02 13:32:30 ----D---- C:\Program Files (x86)\WYSIWYG Web Builder 9
2014-02-02 12:31:49 ----D---- C:\Windows\Tasks
2014-02-02 12:31:49 ----D---- C:\Windows\system32\Tasks
2014-02-01 14:08:12 ----SHD---- C:\Windows\Installer
2014-02-01 14:08:12 ----SHD---- C:\Config.Msi
2014-02-01 13:46:28 ----RD---- C:\Program Files (x86)
2014-02-01 11:39:40 ----HD---- C:\ProgramData
2014-02-01 11:39:09 ----D---- C:\Windows\system32\drivers
2014-01-31 22:43:30 ----D---- C:\Windows\Prefetch
2014-01-31 22:43:14 ----D---- C:\Windows\system32\DriverStore
2014-01-31 22:43:14 ----D---- C:\Windows\system32\catroot
2014-01-31 22:43:14 ----D---- C:\Windows\inf
2014-01-31 22:43:09 ----RD---- C:\Program Files
2014-01-31 17:29:30 ----D---- C:\Users\Honza\AppData\Roaming\2K Sports
2014-01-31 17:28:28 ----D---- C:\Program Files (x86)\2K Sports
2014-01-31 17:26:59 ----D---- C:\Windows\SysWOW64
2014-01-31 17:26:12 ----RSD---- C:\Windows\assembly
2014-01-31 17:25:29 ----SHD---- C:\System Volume Information
2014-01-31 17:25:10 ----D---- C:\Windows\Logs
2014-01-31 17:19:29 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2014-01-27 11:04:12 ----D---- C:\Windows\system32\config
2014-01-24 18:20:56 ----D---- C:\Users\Honza\AppData\Roaming\Mozilla
2014-01-23 19:56:46 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2014-01-23 16:50:39 ----D---- C:\Program Files (x86)\Common Files
2014-01-23 16:50:23 ----D---- C:\Program Files (x86)\Java
2014-01-23 12:34:18 ----D---- C:\ProgramData\Skype
2014-01-23 12:34:16 ----RD---- C:\Program Files (x86)\Skype
2014-01-23 09:10:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-22 22:12:37 ----D---- C:\Program Files (x86)\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Users\Honza\Downloads\TuneUpPortable1\APP\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-20 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-22 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-22 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Run by Honza at 2014-02-02 23:25:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 529 GB (55%) free of 954 GB
Total RAM: 4087 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:25:57, on 2.2.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16483)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
C:\Program Files\trend micro\Honza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1379411598-525497723-484556184-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Honza\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6718 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3
ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-eda4281c-a7e0-406c-8ca6-c8a5795d4f39 -
SystemEventPortName:HostProcess-f75b7fa2-17f0-47d3-9b9a-275eb5994a3d -IoCancelEventPortName:HostProcess-026ae294-8693-40c9-a5d3-65a2bb9f6146 -
NonStateChangingEventPortName:HostProcess-19db09da-45db-44a8-9363-d3d634f52c22 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7ed9bccb-8892-
4584-b557-a58ba7da3711 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible;
MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3528.1fcef600.336301474 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" -greomni "C:\Program Files
(x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3528 "\\.\pipe\gecko-crash-
server-pipe.3528" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --proxy-stub-channel=Flash4036.6AF6B990.247 --host-broker-channel=Flash4036.6AF6B990.15475 --host-pid=4036 --host-
npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe" --channel=4072.0022F31C.1713899241 --proxy-stub-channel=Flash4036.6AF6B990.247 --plugin-path="C:\Windows
\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll" --host-npapi-version=27 --type=renderer
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
taskeng.exe {C01A90B9-CC99-43A5-AB2B-33C40DBA7340}
"C:\Users\Honza\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\c7qdeahl.default-1390425784843
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk]
"Description"=Garena Talk Plugin
"Path"=C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.94 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-05 2345848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-02-13 844144]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Honza\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-24 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Honza\AppData\Roaming\ICQM\icq.exe [2013-08-20 28698984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-15 20588704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"=C:\Windows\RaidTool\xInsIDE.exe [2010-01-19 43632]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"VIDC.FPS1"=frapsv64.dll
"msacm.ac3filter"=ac3filter64.acm
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-02-02 23:21:23 ----D---- C:\_OTM
2014-02-02 20:46:40 ----D---- C:\AdwCleaner
2014-02-01 14:09:39 ----D---- C:\Users\Honza\AppData\Roaming\The Creative Assembly
2014-02-01 13:46:28 ----D---- C:\Program Files (x86)\Total War ROME II
2014-01-31 22:43:09 ----D---- C:\Program Files\Bitdefender
2014-01-31 22:42:38 ----D---- C:\Users\Honza\AppData\Roaming\QuickScan
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-01-31 17:26:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-01-31 17:26:56 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-01-31 17:26:55 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-01-31 17:26:54 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-01-31 17:26:54 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-01-31 17:26:53 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-01-31 17:26:51 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-01-31 17:26:47 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-01-31 17:26:45 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-01-31 17:26:43 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-01-31 17:26:41 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-01-31 17:26:39 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-01-31 17:26:38 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-01-31 17:26:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-01-31 17:26:37 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-01-31 17:26:36 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-31 17:26:34 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-31 17:26:31 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-31 17:26:30 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-31 17:26:29 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-31 17:26:29 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-31 17:26:27 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-31 17:26:26 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-31 17:26:25 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-31 17:26:23 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-26 23:39:43 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-01-25 18:40:26 ----D---- C:\Users\Honza\AppData\Roaming\.minecraft
2014-01-23 16:55:23 ----D---- C:\ProgramData\Oracle
2014-01-23 16:50:27 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-01-23 16:50:23 ----A---- C:\Windows\SYSWOW64\java.exe
2014-01-22 22:51:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
======List of files/folders modified in the last 1 month======
2014-02-02 23:25:56 ----D---- C:\Program Files\trend micro
2014-02-02 23:23:42 ----D---- C:\Windows\Temp
2014-02-02 23:23:06 ----D---- C:\ProgramData\NVIDIA
2014-02-02 23:22:10 ----D---- C:\Windows
2014-02-02 20:53:03 ----D---- C:\Windows\System32
2014-02-02 20:53:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-02 16:12:02 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2014-02-02 13:41:09 ----D---- C:\Users\Honza\AppData\Roaming\BitTorrent
2014-02-02 13:32:30 ----D---- C:\Program Files (x86)\WYSIWYG Web Builder 9
2014-02-02 12:31:49 ----D---- C:\Windows\Tasks
2014-02-02 12:31:49 ----D---- C:\Windows\system32\Tasks
2014-02-01 14:08:12 ----SHD---- C:\Windows\Installer
2014-02-01 14:08:12 ----SHD---- C:\Config.Msi
2014-02-01 13:46:28 ----RD---- C:\Program Files (x86)
2014-02-01 11:39:40 ----HD---- C:\ProgramData
2014-02-01 11:39:09 ----D---- C:\Windows\system32\drivers
2014-01-31 22:43:30 ----D---- C:\Windows\Prefetch
2014-01-31 22:43:14 ----D---- C:\Windows\system32\DriverStore
2014-01-31 22:43:14 ----D---- C:\Windows\system32\catroot
2014-01-31 22:43:14 ----D---- C:\Windows\inf
2014-01-31 22:43:09 ----RD---- C:\Program Files
2014-01-31 17:29:30 ----D---- C:\Users\Honza\AppData\Roaming\2K Sports
2014-01-31 17:28:28 ----D---- C:\Program Files (x86)\2K Sports
2014-01-31 17:26:59 ----D---- C:\Windows\SysWOW64
2014-01-31 17:26:12 ----RSD---- C:\Windows\assembly
2014-01-31 17:25:29 ----SHD---- C:\System Volume Information
2014-01-31 17:25:10 ----D---- C:\Windows\Logs
2014-01-31 17:19:29 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2014-01-27 11:04:12 ----D---- C:\Windows\system32\config
2014-01-24 18:20:56 ----D---- C:\Users\Honza\AppData\Roaming\Mozilla
2014-01-23 19:56:46 ----D---- C:\Users\Honza\AppData\Roaming\Winamp
2014-01-23 16:50:39 ----D---- C:\Program Files (x86)\Common Files
2014-01-23 16:50:23 ----D---- C:\Program Files (x86)\Java
2014-01-23 12:34:18 ----D---- C:\ProgramData\Skype
2014-01-23 12:34:16 ----RD---- C:\Program Files (x86)\Skype
2014-01-23 09:10:51 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-22 22:12:37 ----D---- C:\Program Files (x86)\Google
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-05-09 65336]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-06-27 189936]
R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2010-01-27 115312]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2013-05-09 72016]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-06-27 1030952]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-06-27 378944]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-05-09 64288]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-27 283200]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-05-09 33400]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-05-09 80816]
R3 CompFilter64;UVCCompositeFilter; C:\Windows\system32\DRIVERS\lvbflt64.sys [2012-09-21 24608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-09-21 351520]
R3 LVUVC64;Logitech HD Webcam C510(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-09-21 4763680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-06-04 103448]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-02-06 203544]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Users\Honza\Downloads\TuneUpPortable1\APP\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-02-17 14464]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-07-20 75136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-22 257416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-22 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-27 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
Ok?? Jsem spokojen i nadale.. 
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Tak to jsem rád!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
Zbývá už Vám jen poděkovat a ještě malý dotaz co jsme vůbec čistili za havěť?
a ještě malý dotaz co jsme vůbec čistili za havěť? -
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Čistokrevný virus tam nebyl, jen pár AdWarů a zbytečnosti. Vše je pryč. Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?