
Please check my log - I had the Kryptik trojan, thank you


#1 Post by jaruneczka »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jaruneczka at 2014-07-13 16:31:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 255 GB (88%) free of 290 GB
Total RAM: 1900 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:07, on 13.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files\trend micro\Jaruneczka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - Acer Incorporated - (no file)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7490 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
taskeng.exe {F35C0CF5-E0AD-47A9-A800-910BCBFE0A97}
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {25A9AC3E-9DEB-4B4F-AFE6-C5720C9BEC79}
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Jaruneczka\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-16 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-16 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-01-26 368728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2000-01-01 392472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2000-01-01 167704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
C:/Program Files (x86)/ManyCam/ManyCam.exe --silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msckgraSrv]
C:\Windows\inf\msckgra.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2000-01-01 416024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsiVideo]
C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2000-01-01 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoResolveSearch"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2014-07-13 16:31:02 ----D---- C:\rsit
2014-07-13 16:31:02 ----D---- C:\Program Files\trend micro
2014-07-13 16:10:55 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2014-07-13 11:55:44 ----D---- C:\Windows\ERUNT
2014-07-08 20:36:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-08 20:36:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-08 20:36:02 ----A---- C:\Windows\system32\iernonce.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-08 20:35:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-08 20:35:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-08 20:35:59 ----A---- C:\Windows\system32\urlmon.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-08 20:35:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-08 20:35:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-08 20:35:57 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-08 20:35:56 ----A---- C:\Windows\system32\iesetup.dll
2014-07-08 20:35:56 ----A---- C:\Windows\system32\iertutil.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-08 20:35:55 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-08 20:35:54 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-08 20:35:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-08 20:35:54 ----A---- C:\Windows\system32\ieui.dll
2014-07-08 20:35:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-08 20:35:53 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-08 20:35:53 ----A---- C:\Windows\system32\ieframe.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\jscript9.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-08 20:35:51 ----A---- C:\Windows\system32\wininet.dll
2014-07-08 20:35:51 ----A---- C:\Windows\system32\vbscript.dll
2014-07-08 20:35:51 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-08 20:35:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-08 20:35:50 ----A---- C:\Windows\system32\msrating.dll
2014-07-08 20:35:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-08 20:35:49 ----A---- C:\Windows\system32\mshtml.dll
2014-07-08 20:35:43 ----A---- C:\Windows\system32\aepdu.dll
2014-07-08 20:35:42 ----A---- C:\Windows\system32\aeinv.dll
2014-07-08 20:35:41 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-08 20:35:41 ----A---- C:\Windows\system32\qedit.dll
2014-07-08 20:35:41 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-08 20:35:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-08 20:35:38 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-08 20:35:38 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\wdigest.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\schannel.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\kerberos.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-08 20:35:20 ----A---- C:\Windows\system32\credssp.dll
2014-07-08 20:35:04 ----A---- C:\Windows\system32\win32k.sys
2014-07-08 20:35:03 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-08 20:35:03 ----A---- C:\Windows\system32\osk.exe
2014-07-01 16:44:51 ----D---- C:\Program Files\Adblock Plus for IE
2014-07-01 16:44:46 ----D---- C:\ProgramData\Package Cache
2014-07-01 09:04:22 ----A---- C:\Windows\SYSWOW64\log.txt
2014-06-22 09:39:04 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Skype
2014-06-22 09:38:55 ----RD---- C:\Program Files (x86)\Skype
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll.manifest
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-06-22 01:24:49 ----D---- C:\Users\Jaruneczka\AppData\Roaming\ManyCam
2014-06-22 01:23:38 ----D---- C:\Program Files (x86)\ManyCam
2014-06-22 00:15:50 ----D---- C:\Users\Jaruneczka\AppData\Roaming\CyberLink
2014-06-21 23:52:57 ----D---- C:\ProgramData\CyberLink
2014-06-21 20:31:00 ----D---- C:\ProgramData\Acer
2014-06-21 19:15:05 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Visicom Media
2014-06-21 19:09:00 ----D---- C:\ProgramData\Visicom Media
2014-06-21 19:08:54 ----D---- C:\Program Files\Visicom Media
2014-06-19 06:34:12 ----D---- C:\Program Files\Windows Doctor
2014-06-16 05:21:46 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\java.exe
2014-06-16 05:19:42 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Oracle
2014-06-16 05:17:29 ----A---- C:\Windows\system32\javaws.exe
2014-06-16 05:17:22 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-16 05:17:22 ----A---- C:\Windows\system32\javaw.exe
2014-06-16 05:17:22 ----A---- C:\Windows\system32\java.exe
2014-06-16 05:17:01 ----D---- C:\Program Files\Java

======List of files/folders modified in the last 1 months======

2014-07-13 16:31:04 ----D---- C:\Windows\Temp
2014-07-13 16:31:02 ----RD---- C:\Program Files
2014-07-13 16:28:30 ----D---- C:\Program Files (x86)
2014-07-13 16:26:54 ----D---- C:\Windows
2014-07-13 16:25:22 ----D---- C:\Windows\SoftwareDistribution
2014-07-13 16:24:01 ----D---- C:\ProgramData\clear.fi
2014-07-13 16:23:51 ----D---- C:\Windows\system32\config
2014-07-13 16:23:30 ----D---- C:\Windows\Prefetch
2014-07-13 16:22:16 ----D---- C:\Windows\debug
2014-07-13 16:10:55 ----D---- C:\Windows\SysWOW64
2014-07-13 16:01:34 ----SHD---- C:\Windows\Installer
2014-07-13 07:21:47 ----D---- C:\Windows\system32\Tasks
2014-07-12 16:08:15 ----D---- C:\Windows\rescache
2014-07-11 05:53:32 ----D---- C:\Program Files (x86)\Common Files
2014-07-11 05:53:26 ----D---- C:\ProgramData\Skype
2014-07-10 15:47:40 ----D---- C:\Luba faktury stacík
2014-07-10 08:23:50 ----D---- C:\Program Files\Puran Utilities
2014-07-10 08:12:48 ----SHD---- C:\System Volume Information
2014-07-10 08:05:01 ----D---- C:\ProgramData
2014-07-10 08:02:52 ----D---- C:\Windows\system32\drivers
2014-07-10 07:31:38 ----D---- C:\Program Files (x86)\Google
2014-07-10 07:31:37 ----D---- C:\Windows\Tasks
2014-07-10 06:53:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-09 09:50:38 ----D---- C:\Users\Jaruneczka\AppData\Roaming\PowerCinema
2014-07-09 06:17:23 ----D---- C:\Windows\inf
2014-07-09 05:46:23 ----D---- C:\Windows\system32\catroot2
2014-07-08 21:03:27 ----D---- C:\Windows\winsxs
2014-07-08 21:00:06 ----SD---- C:\Windows\system32\CompatTel
2014-07-08 21:00:06 ----D---- C:\Windows\System32
2014-07-08 21:00:06 ----D---- C:\Program Files\Windows Journal
2014-07-08 21:00:05 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-08 21:00:05 ----D---- C:\Windows\system32\Dism
2014-07-08 21:00:04 ----D---- C:\Windows\ehome
2014-07-08 21:00:03 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-08 21:00:03 ----D---- C:\Windows\system32\cs-CZ
2014-07-08 21:00:03 ----D---- C:\Program Files\Internet Explorer
2014-07-08 21:00:02 ----D---- C:\Windows\system32\en-US
2014-07-08 21:00:01 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-08 20:45:27 ----D---- C:\Windows\system32\MRT
2014-07-08 20:39:03 ----A---- C:\Windows\system32\MRT.exe
2014-07-08 20:34:59 ----D---- C:\Windows\system32\catroot
2014-07-06 16:37:20 ----D---- C:\Fotky
2014-07-06 15:43:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-04 17:31:41 ----D---- C:\Program Files (x86)\Launch Manager
2014-07-04 08:02:21 ----D---- C:\Windows\system32\NDF
2014-07-02 06:24:34 ----A---- C:\Windows\wininit.ini
2014-07-02 06:24:30 ----SD---- C:\ProgramData\Microsoft
2014-06-27 06:55:45 ----D---- C:\Windows\SYSWOW64\config
2014-06-26 07:06:16 ----D---- C:\Program Files\CCleaner
2014-06-24 15:36:24 ----D---- C:\Zálohy
2014-06-22 10:14:22 ----D---- C:\Hry
2014-06-22 09:39:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-22 09:17:53 ----D---- C:\Program Files (x86)\47659
2014-06-22 06:57:27 ----D---- C:\Windows\system32\DriverStore
2014-06-22 01:24:49 ----AD---- C:\ProgramData\Temp
2014-06-22 01:08:48 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Mozilla
2014-06-22 00:09:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 00:08:36 ----D---- C:\Program Files (x86)\Acer
2014-06-21 19:57:46 ----D---- C:\Windows\system32\wbem
2014-06-21 19:56:51 ----D---- C:\Users\Jaruneczka\AppData\Roaming\vlc
2014-06-21 19:56:51 ----D---- C:\Users\Jaruneczka\AppData\Roaming\IrfanView
2014-06-21 19:56:50 ----D---- C:\Windows\system32\Macromed
2014-06-21 19:56:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-06-21 19:56:50 ----D---- C:\Windows\system32\CodeIntegrity
2014-06-21 19:56:49 ----D---- C:\Windows\SYSWOW64\Macromed
2014-06-21 19:56:49 ----D---- C:\Windows\registration
2014-06-19 08:15:49 ----RSD---- C:\Windows\assembly
2014-06-19 08:15:49 ----D---- C:\Windows\Microsoft.NET
2014-06-16 05:21:53 ----D---- C:\ProgramData\Oracle
2014-06-16 05:21:40 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-09-14 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-11-20 4028928]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2013-11-28 34384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2000-01-01 12289472]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2000-01-01 117912]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-05-13 42224]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-05-13 35440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-01-14 74840]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2013-03-05 40896]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2013-09-03 21712]
S3 ESETOlmarikOlmascoCleaner;ESET Olmarik/Olmasco Cleaner; \??\C:\Windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [2014-05-22 156360]
S3 esihdrv;esihdrv; \??\C:\Users\JARUNE~1\AppData\Local\Temp\esihdrv.sys []
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 scvad_simple;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-11-01 23552]
S3 splitcam_hd_driver;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-12-16 37496]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2013-11-28 318592]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-23 655624]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-11 119408]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-26 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S4 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S4 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PuranDefrag;PuranDefrag; C:\Windows\system32\PuranDefragS.exe [2013-08-15 292736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119317
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - I had the Kryptik trojan, thank you

#2 Post by Rudy »

Hello!
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\inf\msckgra.vbe

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msckgraSrv]

:services
BBSvc
BBUpdate

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

jaruneczka
Exemplary visitor
Posts: 417
Registered: 09 Jun 2008 11:45
Location: Ostrava

Re: Please check my log - I had the Kryptik trojan, thank you

#3 Post by jaruneczka »

Logfile of random's system information tool 1.08 (written by random/random)

Run by Jaruneczka at 2014-07-13 19:19:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 254 GB (88%) free of 290 GB
Total RAM: 1900 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:19:34, on 13.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files\trend micro\Jaruneczka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - Acer Incorporated - (no file)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7092 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {9C3BBC88-A0AC-464A-B35E-BE1D3EBC796C}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
"taskhost.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {3578E3C7-14E2-45A0-BC2A-BADBC2ED7FC6}
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Users\Jaruneczka\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-16 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-16 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-01-26 368728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2000-01-01 392472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2000-01-01 167704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
C:/Program Files (x86)/ManyCam/ManyCam.exe --silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msckgraSrv]
C:\Windows\inf\msckgra.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2000-01-01 416024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsiVideo]
C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2000-01-01 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoResolveSearch"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2014-07-13 19:19:28 ----D---- C:\rsit
2014-07-13 19:14:15 ----D---- C:\_OTM
2014-07-13 18:40:49 ----AD---- C:\Windows\rundll16.exe
2014-07-13 18:40:49 ----AD---- C:\Windows\logo1_.exe
2014-07-13 17:31:13 ----AD---- C:\Windows\VDLL.DLL
2014-07-13 17:31:13 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2014-07-13 17:31:13 ----AD---- C:\Windows\RUNDL132.EXE
2014-07-13 17:31:13 ----AD---- C:\Windows\logo_1.exe
2014-07-13 17:23:15 ----A---- C:\Windows\system32\drivers\trufos.sys
2014-07-13 17:23:09 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2014-07-13 17:23:08 ----A---- C:\Windows\SYSWOW64\msvcp90.dll
2014-07-13 17:23:06 ----A---- C:\Windows\SYSWOW64\msvcr90.dll
2014-07-13 17:23:05 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2014-07-13 17:22:58 ----D---- C:\ProgramData\MicroWorld
2014-07-13 16:31:02 ----D---- C:\Program Files\trend micro
2014-07-13 16:10:55 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2014-07-13 11:55:44 ----D---- C:\Windows\ERUNT
2014-07-08 20:36:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-08 20:36:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-08 20:36:02 ----A---- C:\Windows\system32\iernonce.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-08 20:35:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-08 20:35:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-08 20:35:59 ----A---- C:\Windows\system32\urlmon.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-08 20:35:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-08 20:35:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-08 20:35:57 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-08 20:35:56 ----A---- C:\Windows\system32\iesetup.dll
2014-07-08 20:35:56 ----A---- C:\Windows\system32\iertutil.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-08 20:35:55 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-08 20:35:54 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-08 20:35:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-08 20:35:54 ----A---- C:\Windows\system32\ieui.dll
2014-07-08 20:35:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-08 20:35:53 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-08 20:35:53 ----A---- C:\Windows\system32\ieframe.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\jscript9.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-08 20:35:51 ----A---- C:\Windows\system32\wininet.dll
2014-07-08 20:35:51 ----A---- C:\Windows\system32\vbscript.dll
2014-07-08 20:35:51 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-08 20:35:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-08 20:35:50 ----A---- C:\Windows\system32\msrating.dll
2014-07-08 20:35:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-08 20:35:49 ----A---- C:\Windows\system32\mshtml.dll
2014-07-08 20:35:43 ----A---- C:\Windows\system32\aepdu.dll
2014-07-08 20:35:42 ----A---- C:\Windows\system32\aeinv.dll
2014-07-08 20:35:41 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-08 20:35:41 ----A---- C:\Windows\system32\qedit.dll
2014-07-08 20:35:41 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-08 20:35:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-08 20:35:38 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-08 20:35:38 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\wdigest.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\schannel.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\kerberos.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-08 20:35:20 ----A---- C:\Windows\system32\credssp.dll
2014-07-08 20:35:04 ----A---- C:\Windows\system32\win32k.sys
2014-07-08 20:35:03 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-08 20:35:03 ----A---- C:\Windows\system32\osk.exe
2014-07-01 16:44:51 ----D---- C:\Program Files\Adblock Plus for IE
2014-07-01 16:44:46 ----D---- C:\ProgramData\Package Cache
2014-07-01 09:04:22 ----A---- C:\Windows\SYSWOW64\log.txt
2014-06-22 09:39:04 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Skype
2014-06-22 09:38:55 ----RD---- C:\Program Files (x86)\Skype
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll.manifest
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-06-22 01:24:49 ----D---- C:\Users\Jaruneczka\AppData\Roaming\ManyCam
2014-06-22 01:23:38 ----D---- C:\Program Files (x86)\ManyCam
2014-06-22 00:15:50 ----D---- C:\Users\Jaruneczka\AppData\Roaming\CyberLink
2014-06-21 23:52:57 ----D---- C:\ProgramData\CyberLink
2014-06-21 20:31:00 ----D---- C:\ProgramData\Acer
2014-06-21 19:15:05 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Visicom Media
2014-06-21 19:09:00 ----D---- C:\ProgramData\Visicom Media
2014-06-21 19:08:54 ----D---- C:\Program Files\Visicom Media
2014-06-19 06:34:12 ----D---- C:\Program Files\Windows Doctor
2014-06-16 05:21:46 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\java.exe
2014-06-16 05:19:42 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Oracle
2014-06-16 05:17:29 ----A---- C:\Windows\system32\javaws.exe
2014-06-16 05:17:22 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-16 05:17:22 ----A---- C:\Windows\system32\javaw.exe
2014-06-16 05:17:22 ----A---- C:\Windows\system32\java.exe
2014-06-16 05:17:01 ----D---- C:\Program Files\Java

======List of files/folders modified in the last 1 months======

2014-07-13 19:19:30 ----D---- C:\Windows\Temp
2014-07-13 19:17:32 ----D---- C:\ProgramData\clear.fi
2014-07-13 19:17:17 ----D---- C:\Windows\system32\config
2014-07-13 19:15:24 ----D---- C:\Windows\Prefetch
2014-07-13 18:40:49 ----D---- C:\Windows
2014-07-13 18:38:18 ----A---- C:\Windows\win.ini
2014-07-13 17:31:13 ----D---- C:\Windows\SysWOW64
2014-07-13 17:23:15 ----D---- C:\Windows\system32\drivers
2014-07-13 17:23:00 ----D---- C:\Program Files (x86)\Common Files
2014-07-13 17:22:58 ----D---- C:\ProgramData
2014-07-13 16:31:02 ----RD---- C:\Program Files
2014-07-13 16:28:30 ----D---- C:\Program Files (x86)
2014-07-13 16:25:22 ----D---- C:\Windows\SoftwareDistribution
2014-07-13 16:22:16 ----D---- C:\Windows\debug
2014-07-13 16:01:34 ----SHD---- C:\Windows\Installer
2014-07-13 07:21:47 ----D---- C:\Windows\system32\Tasks
2014-07-12 16:08:15 ----D---- C:\Windows\rescache
2014-07-11 05:53:26 ----D---- C:\ProgramData\Skype
2014-07-10 15:47:40 ----D---- C:\Luba faktury stacík
2014-07-10 08:23:50 ----D---- C:\Program Files\Puran Utilities
2014-07-10 08:12:48 ----SHD---- C:\System Volume Information
2014-07-10 07:31:38 ----D---- C:\Program Files (x86)\Google
2014-07-10 07:31:37 ----D---- C:\Windows\Tasks
2014-07-10 06:53:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-09 09:50:38 ----D---- C:\Users\Jaruneczka\AppData\Roaming\PowerCinema
2014-07-09 06:17:23 ----D---- C:\Windows\inf
2014-07-09 05:46:23 ----D---- C:\Windows\system32\catroot2
2014-07-08 21:03:27 ----D---- C:\Windows\winsxs
2014-07-08 21:00:06 ----SD---- C:\Windows\system32\CompatTel
2014-07-08 21:00:06 ----D---- C:\Windows\System32
2014-07-08 21:00:06 ----D---- C:\Program Files\Windows Journal
2014-07-08 21:00:05 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-08 21:00:05 ----D---- C:\Windows\system32\Dism
2014-07-08 21:00:04 ----D---- C:\Windows\ehome
2014-07-08 21:00:03 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-08 21:00:03 ----D---- C:\Windows\system32\cs-CZ
2014-07-08 21:00:03 ----D---- C:\Program Files\Internet Explorer
2014-07-08 21:00:02 ----D---- C:\Windows\system32\en-US
2014-07-08 21:00:01 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-08 20:45:27 ----D---- C:\Windows\system32\MRT
2014-07-08 20:39:03 ----A---- C:\Windows\system32\MRT.exe
2014-07-08 20:34:59 ----D---- C:\Windows\system32\catroot
2014-07-06 16:37:20 ----D---- C:\Fotky
2014-07-06 15:43:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-04 17:31:41 ----D---- C:\Program Files (x86)\Launch Manager
2014-07-04 08:02:21 ----D---- C:\Windows\system32\NDF
2014-07-02 06:24:34 ----A---- C:\Windows\wininit.ini
2014-07-02 06:24:30 ----SD---- C:\ProgramData\Microsoft
2014-06-27 06:55:45 ----D---- C:\Windows\SYSWOW64\config
2014-06-26 07:06:16 ----D---- C:\Program Files\CCleaner
2014-06-24 15:36:24 ----D---- C:\Zálohy
2014-06-22 10:14:22 ----D---- C:\Hry
2014-06-22 09:39:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-22 09:17:53 ----D---- C:\Program Files (x86)\47659
2014-06-22 06:57:27 ----D---- C:\Windows\system32\DriverStore
2014-06-22 01:24:49 ----AD---- C:\ProgramData\Temp
2014-06-22 01:08:48 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Mozilla
2014-06-22 00:09:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 00:08:36 ----D---- C:\Program Files (x86)\Acer
2014-06-21 19:57:46 ----D---- C:\Windows\system32\wbem
2014-06-21 19:56:51 ----D---- C:\Users\Jaruneczka\AppData\Roaming\vlc
2014-06-21 19:56:51 ----D---- C:\Users\Jaruneczka\AppData\Roaming\IrfanView
2014-06-21 19:56:50 ----D---- C:\Windows\system32\Macromed
2014-06-21 19:56:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-06-21 19:56:50 ----D---- C:\Windows\system32\CodeIntegrity
2014-06-21 19:56:49 ----D---- C:\Windows\SYSWOW64\Macromed
2014-06-21 19:56:49 ----D---- C:\Windows\registration
2014-06-19 08:15:49 ----RSD---- C:\Windows\assembly
2014-06-19 08:15:49 ----D---- C:\Windows\Microsoft.NET
2014-06-16 05:21:53 ----D---- C:\ProgramData\Oracle
2014-06-16 05:21:40 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-09-14 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-11-20 4028928]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2013-11-28 34384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2000-01-01 12289472]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2000-01-01 117912]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-05-13 42224]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-05-13 35440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-01-14 74840]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2013-03-05 40896]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2013-09-03 21712]
S3 ESETOlmarikOlmascoCleaner;ESET Olmarik/Olmasco Cleaner; \??\C:\Windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [2014-05-22 156360]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 scvad_simple;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-11-01 23552]
S3 splitcam_hd_driver;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-12-16 37496]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2014-07-13 350160]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2013-11-28 318592]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-23 655624]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-11 119408]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-26 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PuranDefrag;PuranDefrag; C:\Windows\system32\PuranDefragS.exe [2013-08-15 292736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------


Re: Please check my log - I had a Kryptik trojan, thank you

#4 Post by jaruneczka »

Before you got back to me, I ran a scan with MWaV; there were several more trojans... here is the log:

13 7 2014 17:32:02 [0d10] - **********************************************************
13 7 2014 17:32:02 [0d10] - MWAV - eScanAV AntiVirus Toolkit.
13 7 2014 17:32:02 [0d10] - Copyright © MicroWorld Technologies
13 7 2014 17:32:02 [0d10] - **********************************************************
13 7 2014 17:32:02 [0d10] - Source: C:\Users\Jaruneczka\Desktop\mwav.exe
13 7 2014 17:32:02 [0d10] - Version 14.0.146 (C:\USERS\JARUNECZKA\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
13 7 2014 17:32:02 [0d10] - Log File: C:\Users\Jaruneczka\AppData\Local\Temp\LOG\MWAV.LOG
13 7 2014 17:32:02 [0d10] - MWAV Registered: TRUE
13 7 2014 17:32:02 [0d10] - User Account: Jaruneczka (Administrator Mode)
13 7 2014 17:32:02 [0d10] - OS Type: Windows Workstation
13 7 2014 17:32:02 [0d10] - OS: Windows 7 64-Bit [OS Install Date: 26 Apr 2012 18:41:23]
13 7 2014 17:32:02 [0d10] - Ver: Personal Service Pack 1 (Build 7601)
13 7 2014 17:32:02 [0d10] - System Up Time: 1 Hour, 10 Minutes, 6 Seconds


13 7 2014 17:32:02 [0d10] - Parent Process Name : C:\Users\Jaruneczka\AppData\Local\Temp\mexe.com
13 7 2014 17:32:02 [0d10] - Windows Root Folder: C:\Windows
13 7 2014 17:32:02 [0d10] - Windows Sys32 Folder: C:\Windows\system32
13 7 2014 17:32:02 [0d10] - DHCP NameServer: 192.168.1.1
13 7 2014 17:32:02 [0d10] - Interface0 DHCPNameServer: 192.168.1.1
13 7 2014 17:32:02 [0d10] - Local Fixed Drives: c:\
13 7 2014 17:32:02 [0d10] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
13 7 2014 17:32:02 [0d10] - [CREATED ZIP FILE: C:\Users\Jaruneczka\AppData\Local\Temp\pinfect.zip]
13 7 2014 17:32:02 [0d10] - Command Line Options Given: /xsign
13 7 2014 17:32:43 [0d10] - Latest Date of files inside MWAV: Sun Jul 13 18:07:17 2014.
13 7 2014 17:32:43 [0d10] - Sign Version: 7.55839 [514591]
13 7 2014 17:32:43 [0d10] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\Jaruneczka\AppData\Local\Temp\LOG\ESCANDB.LOG]
13 7 2014 17:32:44 [0d10] - Loaded/Created FileScan Cache Database...
13 7 2014 17:32:44 [0d10] - Loading AV Library [DB]...
13 7 2014 17:32:55 [0d10] - ArchiveScan: DISABLED
13 7 2014 17:32:57 [0d10] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
13 7 2014 17:32:57 [0d10] - MWAV doing self scanning...
13 7 2014 17:33:04 [0d10] - MWAV files are clean.
13 7 2014 17:33:12 [0d10] - ArchiveScan: DISABLED
13 7 2014 17:33:12 [0d10] - Virus Database Date: 13 Jul 2014
13 7 2014 17:33:12 [0d10] - Virus Database Count: 10922488
13 7 2014 17:34:59 [0d10] - ArchiveScan: ENABLED

13 7 2014 17:35:09 [0d10] - **********************************************************
13 7 2014 17:35:09 [0d10] - MWAV - eScanAV AntiVirus Toolkit.
13 7 2014 17:35:09 [0d10] - Copyright © MicroWorld Technologies
13 7 2014 17:35:09 [0d10] -
13 7 2014 17:35:09 [0d10] - Support: support@escanav.com
13 7 2014 17:35:09 [0d10] - Web: http://www.escanav.com
13 7 2014 17:35:09 [0d10] - **********************************************************
13 7 2014 17:35:09 [0d10] - Version 14.0.146[DB] (C:\USERS\JARUNECZKA\APPDATA\LOCAL\TEMP\MEXETMP.EX~)
13 7 2014 17:35:09 [0d10] - Log File: C:\Users\Jaruneczka\AppData\Local\Temp\LOG\MWAV.LOG
13 7 2014 17:35:09 [0d10] - User Account: Jaruneczka (Administrator Mode)
13 7 2014 17:35:09 [0d10] - Parent Process Name : C:\Users\Jaruneczka\AppData\Local\Temp\mexe.com
13 7 2014 17:35:09 [0d10] - Windows Root Folder: C:\Windows
13 7 2014 17:35:09 [0d10] - Windows Sys32 Folder: C:\Windows\system32
13 7 2014 17:35:09 [0d10] - OS: Windows 7 64-Bit [OS Install Date: 26 Apr 2012 18:41:23]
13 7 2014 17:35:09 [0d10] - Ver: Personal Service Pack 1 (Build 7601)
13 7 2014 17:35:09 [0d10] - Latest Date of files inside MWAV: Sun Jul 13 18:07:17 2014.
13 7 2014 17:35:09 [0d10] - Sign Version: 7.55839 [514591]

13 7 2014 17:35:14 [09c4] - Options Selected by User:
13 7 2014 17:35:14 [09c4] - Memory Check: Enabled
13 7 2014 17:35:14 [09c4] - Registry Check: Enabled
13 7 2014 17:35:14 [09c4] - StartUp Folder Check: Enabled
13 7 2014 17:35:14 [09c4] - System Folder Check: Enabled
13 7 2014 17:35:14 [09c4] - Services Check: Enabled
13 7 2014 17:35:14 [09c4] - Scan Spyware: Enabled
13 7 2014 17:35:14 [09c4] - Scan Archives: Enabled
13 7 2014 17:35:14 [09c4] - Drive Check: Disabled
13 7 2014 17:35:14 [09c4] - All Drive Check :Enabled
13 7 2014 17:35:14 [09c4] - Folder Check: Disabled
13 7 2014 17:35:14 [09c4] - SCAN: All_Files [ANSI]
13 7 2014 17:35:14 [09c4] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)

13 7 2014 17:35:14 [09c4] - Scanning DNS Records...
13 7 2014 17:35:14 [09c4] - Scanning Master Boot Record (User)...
13 7 2014 17:35:15 [09c4] - Scanning Logical Boot Records...
13 7 2014 17:35:17 [09c4] - ***** Scanning For Hidden Rootkit Processes *****
13 7 2014 17:35:18 [09c4] - ***** Scanning For Hidden Rootkit Services *****

13 7 2014 17:35:24 [09c4] - ***** Scanning Memory Files *****

13 7 2014 17:35:40 [09c4] - ***** Scanning Registry Files *****
13 7 2014 17:35:43 [09c4] - ERROR(3)!!! Invalid Entry cmdline = %SystemRoot%\system32\ntvdm.exe (in key HKLM\SYSTEM\CurrentControlSet\Control\WOW). Action Taken: Removing it.

13 7 2014 17:35:44 [09c4] - ***** Scanning StartUp Folders *****
13 7 2014 17:36:52 [0f18] - ScanFile (C:\ProgramData\Skype\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeToolbars.msi) took 8237 ms
13 7 2014 17:36:53 [0910] - ScanFile (C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeToolbars.msi) took 8908 ms
13 7 2014 17:36:53 [0714] - ScanFile (C:\ProgramData\Skype\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}\SkypeToolbars.msi) took 7020 ms
13 7 2014 17:36:53 [0eb8] - ScanFile (C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}\Installer.exe) took 10000 ms
13 7 2014 17:36:54 [0ae4] - ScanFile (C:\ProgramData\Skype\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\Skype.msi) took 6942 ms

13 7 2014 17:36:54 [09c4] - ***** Scanning Service Files *****
13 7 2014 17:36:56 [09c4] - ERROR(2)!!! Invalid Entry %SystemRoot%\System32\appmgmts.dll. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\AppMgmt.
13 7 2014 17:37:01 [09c4] - ERROR(2)!!! Invalid Entry \??\C:\Users\JARUNE~1\AppData\Local\Temp\esihdrv.sys. Action Taken: Removing HKLM\SYSTEM\CurrentControlSet\Services\esihdrv.

13 7 2014 17:37:18 [09c4] - ***** Scanning Registry and File system for Adware/Spyware *****
13 7 2014 17:37:19 [09c4] - Loading Spyware Signatures from new External Database [Name: C:\Users\JARUNE~1\AppData\Local\Temp\spydb.avs, Size: 464717]...
13 7 2014 17:37:19 [09c4] - Indexed Spyware Databases Successfully Created...

13 7 2014 17:37:38 [09c4] - Offending Registry Entry found: HKCU\Software\Microsoft\OLE
13 7 2014 17:37:38 [09c4] - System found infected with Backdoor (IRCBot) Trojans Spyware/Adware (HKCU\Software\Microsoft\OLE)! Action taken: Entries Removed.
13 7 2014 17:37:38 [09c4] - Object "Backdoor (IRCBot) Trojans Spyware/Adware" found in File System! Action Taken: Entries Removed.

13 7 2014 17:37:39 [09c4] - Offending Registry Entry found: HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers
13 7 2014 17:37:39 [09c4] - System found infected with AntiSpyware Pro XP Corrupted Adware/Spyware (HKCU\Software\Microsoft\Windows\CurrentVersion\Drivers)! Action taken: Entries Removed.
13 7 2014 17:37:39 [09c4] - Object "AntiSpyware Pro XP Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.


13 7 2014 17:37:40 [09c4] - ***** Scanning Registry Files *****
13 7 2014 17:37:40 [09c4] - ** Value in HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
13 7 2014 17:37:40 [09c4] - ** Value in 64-bit HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\main/Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
13 7 2014 17:37:40 [09c4] - ** Value in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = http://www.centrum.cz/
13 7 2014 17:37:40 [09c4] - ** Value in 64-bit HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\main/Start Page = about:blank
13 7 2014 17:37:40 [09c4] - ** Value in HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
13 7 2014 17:37:40 [09c4] - ** Value in 64-bit HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\main/Start Page = about:blank

13 7 2014 17:37:40 [09c4] - ***** Scanning System32 Folders *****

13 7 2014 17:38:59 [0eb8] - C:\Users\Jaruneczka\AppData\Local\Temp\bdcore.dll.12142947.mwt File already Scanned once... not able to clean.

13 7 2014 17:39:37 [09c4] - ***** Scanning All Drives *****
13 7 2014 17:39:37 [09c4] - ***** C: *****
13 7 2014 17:39:37 [09c4] - Scanning C:\ Drive
13 7 2014 17:39:58 [0910] - ScanFile (C:\Hry\Camera_Cyberlink_1.0.1904_W7x86x64\vcredist_x86.exe) took 5647 ms
13 7 2014 17:40:24 [0714] - ScanFile (C:\OEM\Preload\Autorun\APP\NTI Media Maker v9.0\NTI Media Maker 9.msi) took 5101 ms
13 7 2014 17:40:29 [0eb8] - ScanFile (C:\OEM\Preload\Autorun\APP\Skype\SkypeSetupFull_367.exe) took 9594 ms
13 7 2014 17:40:29 [0b90] - ScanFile (C:\OEM\Preload\Autorun\APP\Skype\SkypeSetupFull_368.exe) took 9859 ms
13 7 2014 17:40:29 [0a64] - ScanFile (C:\OEM\Preload\Autorun\APP\Skype\SkypeSetupFull_369.exe) took 10483 ms
13 7 2014 17:40:30 [0910] - ScanFile (C:\OEM\Preload\Autorun\APP\Skype\SkypeSetupFull_370.exe) took 10874 ms
13 7 2014 17:41:02 [074c] - ScanFile (C:\OEM\Preload\Autorun\DRV\Realtek Audio Codec ALC271X_VB3\PCEE4\DolbyHomeTheater.msi) took 10280 ms
13 7 2014 17:43:32 [0f18] - Scanning File C:\Program Files (x86)\Acer\Registration\Acer\Languages\Espanol_ES.ui
13 7 2014 17:43:32 [0910] - Scanning File C:\Program Files (x86)\Acer\Registration\Acer\Languages\Portugues_PT.ui
13 7 2014 17:43:32 [0a64] - Scanning File C:\Program Files (x86)\Acer\Registration\Acer\Languages\Lietuviu_LT.ui
13 7 2014 17:43:39 [0b90] - ScanFile (C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroExt\libcef.dll) took 6100 ms
13 7 2014 17:44:25 [074c] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\32a210171cc89ac4a\UXPlatform.msi) took 5897 ms
13 7 2014 17:44:26 [0714] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\3028e20e1cc89ac44\crt90.msi) took 7457 ms
13 7 2014 17:44:30 [0ae4] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\35ea55d81cc89ac51\Messenger.msi) took 9703 ms
13 7 2014 17:44:47 [0f18] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\64ce915e1cc89ac116\writerlang.msi) took 6255 ms
13 7 2014 17:44:48 [074c] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\6889192c1cc89ac120\MailLang.msi) took 5132 ms
13 7 2014 17:44:58 [0714] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\7c6cb8961cc89ac156\writerlang.msi) took 5710 ms
13 7 2014 17:45:05 [0a64] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\913019591cc89ac185\MovieMaker.msi) took 5554 ms
13 7 2014 17:45:07 [0ae4] - ScanFile (C:\Program Files (x86)\Common Files\Windows Live\.cache\90af8f0b1cc89ac184\d-PhotoLibrary.msp) took 7815 ms
13 7 2014 17:48:36 [0ae4] - ScanFile (C:\Program Files (x86)\OpenOffice.org 3\OpenOffice.org 3.3 (cs) Installation Files\redist\vcredist_x86.exe) took 5133 ms
13 7 2014 17:49:07 [0a64] - ScanFile (C:\Program Files (x86)\Skype\Phone\Skype.exe) took 15631 ms
13 7 2014 17:50:19 [0b90] - Scanning File C:\System Volume Information\{37a00bbf-07e8-11e4-846c-047d7b1c90b3}{3808876b-c176-4e48-b7ae-04046e6cc752}
13 7 2014 17:50:19 [074c] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
13 7 2014 17:51:01 [074c] - C:\Users\Jaruneczka\AppData\Local\Temp\bdcore.dll.12142947.mwt File already Scanned once... not able to clean.
13 7 2014 17:51:51 [0910] - ScanFile (C:\Users\Jaruneczka\AppData\LocalLow\Sun\Java\jre1.7.0_60_x64\Data1.cab) took 6443 ms
13 7 2014 17:51:51 [0714] - ScanFile (C:\Users\Jaruneczka\AppData\LocalLow\Sun\Java\jre1.7.0_55\Data1.cab) took 6614 ms
13 7 2014 17:51:51 [0eb8] - ScanFile (C:\Users\Jaruneczka\AppData\LocalLow\Sun\Java\jre1.7.0_51_x64\Data1.cab) took 7129 ms
13 7 2014 17:52:06 [074c] - Scanning File C:\Users\Jaruneczka\Favorites\Krasobruslení\Philippe Candeloro - 1994 Olympics Gala - Rocki - YouTube.URL
13 7 2014 17:52:06 [0eb8] - Scanning File C:\Users\Jaruneczka\Favorites\LUBOŠEK HUDBA\CIZÍ\Michel Teló - Ai Se Eu Te Pego - Oficial (Assim voce me mata) - YouTube.URL
13 7 2014 17:52:06 [0714] - Scanning File C:\Users\Jaruneczka\Favorites\LUBOŠEK HUDBA\CIZÍ\Michel Teló - Barquinho Eu quero voce - DVD ao Vivo - OFICIAL - YouTube.URL
13 7 2014 17:52:06 [0f18] - Scanning File C:\Users\Jaruneczka\Favorites\LUBOŠEK HUDBA\CIZÍ\OFFICIAL Somewhere over the Rainbow - Israel IZ Kamakawiwo‘ole - YouTube.URL
13 7 2014 17:52:06 [0a64] - Scanning File C:\Users\Jaruneczka\Favorites\LUBOŠEK HUDBA\CIZÍ\Nightwish - 08 High Hopes (End of An Era) Live.URL
13 7 2014 17:52:07 [0910] - Scanning File C:\Users\Jaruneczka\Favorites\LUBOŠEK HUDBA\CIZÍ\Sophia Charai - Pichu-Pichu - YouTube.URL
13 7 2014 17:52:07 [0f18] - Scanning File C:\Users\Jaruneczka\Favorites\LUBOŠEK HUDBA\SKUPINY CIZÍ\Nightwish - 08 High Hopes (End of An Era) Live.URL
13 7 2014 17:52:07 [0ae4] - Scanning File C:\Users\Jaruneczka\Favorites\LUBOŠEK HUDBA\ČESKÉ\Kristi´na-Anjeli Lietaju´ Ni´zko - YouTube.URL
13 7 2014 17:52:49 [0ae4] - ScanFile (C:\Windows\assembly\NativeImages_v2.0.50727_32\mcepg\38e4b4d4c4cf98e359438769fae66149\mcepg.ni.dll) took 12448 ms
13 7 2014 17:53:53 [0a64] - Scanning File C:\Windows\inf\msmcxyf\msmcxyf.exe
13 7 2014 17:53:53 [0910] - Scanning File C:\Windows\inf\msixtydj\msixtydj.exe
13 7 2014 17:53:53 [0714] - Scanning File C:\Windows\inf\msmxqq\msmxqq.exe
13 7 2014 17:53:58 [0714] - File C:\Windows\inf\msmxqq\msmxqq.exe infected by "Trojan.Generic.9730763 (DB)" Virus! Action Taken: File Renamed.

13 7 2014 17:53:59 [0910] - File C:\Windows\inf\msixtydj\msixtydj.exe infected by "Trojan.Generic.9730763 (DB)" Virus! Action Taken: File Renamed.

13 7 2014 17:53:59 [0a64] - File C:\Windows\inf\msmcxyf\msmcxyf.exe infected by "Trojan.Generic.9730763 (DB)" Virus! Action Taken: File Renamed.

13 7 2014 17:54:33 [0f18] - ScanFile (C:\Windows\Installer\50620.msi) took 5928 ms
13 7 2014 17:54:33 [0eb8] - ScanFile (C:\Windows\Installer\5062a.msi) took 5928 ms
13 7 2014 17:54:48 [0eb8] - ScanFile (C:\Windows\Installer\50c23.msi) took 5803 ms
13 7 2014 17:54:55 [0714] - ScanFile (C:\Windows\Installer\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe) took 5101 ms
13 7 2014 17:59:30 [0ae4] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\kit37820.inf_amd64_neutral_c9a4db45be5bd57b\igdde32.dll) took 11326 ms
13 7 2014 17:59:30 [0910] - ScanFile (C:\Windows\System32\DriverStore\FileRepository\kit37820.inf_amd64_neutral_c9a4db45be5bd57b\ig4icd32.dll) took 10187 ms
13 7 2014 18:00:48 [074c] - ScanFile (C:\Windows\System32\issacapi_pe-2.3.dll) took 6131 ms
13 7 2014 18:00:48 [0910] - ScanFile (C:\Windows\System32\issacapi_bs-2.3.dll) took 6131 ms
13 7 2014 18:00:48 [0f18] - ScanFile (C:\Windows\System32\issacapi_se-2.3.dll) took 6162 ms
13 7 2014 18:00:59 [0eb8] - ScanFile (C:\Windows\System32\log.txt) took 10842 ms
13 7 2014 18:00:59 [0eb8] - C:\Windows\System32\log.txt not Scanned. Possibly password protected...
13 7 2014 18:02:25 [0ae4] - ScanFile (C:\Windows\System32\xvidvfw.dll) took 12293 ms
13 7 2014 18:04:30 [074c] - ScanFile (C:\Windows\winsxs\amd64_microsoft-windows-ehome-mcweblauncher_31bf3856ad364e35_6.1.7600.16385_none_5846a8771b202706\MediaCenterWebLauncher.exe) took 5569 ms
13 7 2014 18:12:01 [0b90] - ScanFile (C:\Windows\winsxs\amd64_netfx-ieexec_b03f5f7f11d50a3a_6.1.7600.16385_none_7dfc94f7357c56d2\IEExec.exe) took 18642 ms
13 7 2014 18:12:36 [0f18] - ScanFile (C:\Windows\winsxs\amd64_oxpsconverter_31bf3856ad364e35_6.1.7601.17933_none_0804e1f7c5c64bf1\OxpsConverter.exe) took 19625 ms
13 7 2014 18:12:36 [0eb8] - ScanFile (C:\Windows\winsxs\amd64_oxpsconverter_31bf3856ad364e35_6.1.7601.22091_none_084b74e2df1696ce\OxpsConverter.exe) took 19422 ms
13 7 2014 18:17:24 [0714] - ScanFile (C:\Windows\winsxs\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.1.7601.17514_none_c1c1077951dca19a\Microsoft.VisualBasic.Compatibility.dll) took 31777 ms
13 7 2014 18:17:24 [0714] - Scanning of C:\Windows\winsxs\msil_microsoft.visualbasic.compatibility_b03f5f7f11d50a3a_6.1.7601.17514_none_c1c1077951dca19a\Microsoft.VisualBasic.Compatibility.dll Timed out!!!
13 7 2014 18:18:02 [0a64] - ScanFile (C:\Windows\winsxs\wow64_microsoft-windows-ie-htmlapplication_31bf3856ad364e35_11.2.9600.16428_none_4605aca152cc8281\mshta.exe) took 16286 ms
13 7 2014 18:19:21 [0910] - ScanFile (C:\Windows\winsxs\x86_isymwrapper_b03f5f7f11d50a3a_6.1.7601.17514_none_dcb7f7ddcfc3be12\ISymWrapper.dll) took 7332 ms
13 7 2014 18:20:33 [0b90] - ScanFile (C:\Windows\winsxs\x86_microsoft-windows-ie-impexp-extexport_31bf3856ad364e35_11.2.9600.16428_none_b436382b203656be\ExtExport.exe) took 13088 ms
13 7 2014 18:20:33 [0910] - ScanFile (C:\Windows\winsxs\x86_microsoft-windows-ie-iecleanup_31bf3856ad364e35_11.2.9600.16428_none_441eccc2f13eab51\iecleanup.exe) took 15023 ms
13 7 2014 18:20:33 [074c] - ScanFile (C:\Windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_11.2.9600.16428_none_828666943772c435\msfeedssync.exe) took 15522 ms
13 7 2014 18:20:33 [0a64] - ScanFile (C:\Windows\winsxs\x86_microsoft-windows-ie-pdm-configuration_31bf3856ad364e35_11.2.9600.16428_none_d6876629731ce419\PDMSetup.exe) took 11388 ms
13 7 2014 18:22:31 [0eb8] - ScanFile (C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30411.0_none_dba7eb55a0823cdf\msvcm90.dll) took 12184 ms
13 7 2014 18:23:06 [0ae4] - ScanFile (C:\Windows\winsxs\x86_system.printing_31bf3856ad364e35_6.1.7601.18140_none_75233d5cd47a7a2e\System.Printing.dll) took 10951 ms
13 7 2014 18:23:06 [0910] - ScanFile (C:\Windows\winsxs\x86_system.printing_31bf3856ad364e35_6.1.7601.22309_none_75e11e57ed6f8b6a\System.Printing.dll) took 10842 ms

13 7 2014 18:23:09 [09c4] - Closing all applications and shutting down PC...

13 7 2014 18:23:13 [09c4] - ***** Checking for specific ITW Viruses *****

13 7 2014 18:23:13 [09c4] - ***** Scanning complete. *****

13 7 2014 18:23:13 [09c4] - Total Objects Scanned: 180618
13 7 2014 18:23:13 [09c4] - Total Critical Objects: 5
13 7 2014 18:23:13 [09c4] - Total Disinfected Objects: 0
13 7 2014 18:23:13 [09c4] - Total Objects Renamed: 3
13 7 2014 18:23:13 [09c4] - Total Deleted Objects: 2
13 7 2014 18:23:13 [09c4] - Total Errors: 3
13 7 2014 18:23:13 [09c4] - Time Elapsed: 00:47:18
13 7 2014 18:23:13 [09c4] - Virus Database Date: 13 Jul 2014
13 7 2014 18:23:13 [09c4] - Virus Database Count: 10922488

13 7 2014 18:23:13 [09c4] - Scan Completed.
13 7 2014 18:32:25 [07c4] - **********************************************************
13 7 2014 18:32:25 [07c4] - MWAV - eScanAV AntiVirus Toolkit.
13 7 2014 18:32:25 [07c4] - Copyright © MicroWorld Technologies
13 7 2014 18:32:25 [07c4] - **********************************************************
13 7 2014 18:32:25 [07c4] - Version 14.0.146 (C:\USERS\JARUNECZKA\APPDATA\LOCAL\TEMP\MWAVSCAN.EXE)
13 7 2014 18:32:25 [07c4] - Log File: C:\Users\Jaruneczka\AppData\Local\Temp\LOG\MWAV.LOG
13 7 2014 18:32:25 [07c4] - Last Scan Date and Time: 13.07.2014 17:35:14
13 7 2014 18:32:25 [07c4] - MWAV Registered: TRUE
13 7 2014 18:32:25 [07c4] - User Account: Jaruneczka (Administrator Mode)
13 7 2014 18:32:25 [07c4] - OS Type: Windows Workstation
13 7 2014 18:32:25 [07c4] - OS: Windows 7 64-Bit [OS Install Date: 26 Apr 2012 18:41:23]
13 7 2014 18:32:25 [07c4] - Ver: Personal Service Pack 1 (Build 7601)
13 7 2014 18:32:25 [07c4] - System Up Time: 2 Minutes, 49 Seconds


13 7 2014 18:32:25 [07c4] - Parent Process Name : c:\Windows\explorer.exe
13 7 2014 18:32:25 [07c4] - Windows Root Folder: C:\Windows
13 7 2014 18:32:25 [07c4] - Windows Sys32 Folder: C:\Windows\system32
13 7 2014 18:32:25 [07c4] - DHCP NameServer: 192.168.1.1
13 7 2014 18:32:25 [07c4] - Interface0 DHCPNameServer: 192.168.1.1
13 7 2014 18:32:25 [07c4] - Local Fixed Drives: c:\
13 7 2014 18:32:25 [07c4] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
13 7 2014 18:32:25 [07c4] - [CREATED ZIP FILE: C:\Users\Jaruneczka\AppData\Local\Temp\pinfect.zip]
13 7 2014 18:33:27 [07c4] - Latest Date of files inside MWAV: Sun Jul 13 18:07:17 2014.
13 7 2014 18:33:27 [07c4] - Sign Version: 7.55839 [514591]
13 7 2014 18:33:30 [07c4] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\Jaruneczka\AppData\Local\Temp\LOG\ESCANDB.LOG]
13 7 2014 18:33:42 [07c4] - Loaded/Created FileScan Cache Database...
13 7 2014 18:33:42 [07c4] - Loading AV Library [DB]...
13 7 2014 18:33:46 [07c4] - ArchiveScan: ENABLED
13 7 2014 18:33:46 [07c4] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
13 7 2014 18:33:46 [07c4] - MWAV doing self scanning...
13 7 2014 18:33:49 [07c4] - MWAV files are clean.
13 7 2014 18:33:51 [07c4] - ArchiveScan: ENABLED
13 7 2014 18:33:51 [07c4] - Virus Database Date: 13 Jul 2014
13 7 2014 18:33:51 [07c4] - Virus Database Count: 10922488

Rudy
Site Admin
Posts: 119317
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log - I had the Kryptik trojan, thank you

#5 Post by Rudy »

Unfortunately, OTM did not delete anything; everything is still there. Try it once more with the same script, and turn off your antivirus before the scan. MWAV, unfortunately, is no longer what it used to be.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

jaruneczka
Model visitor
Posts: 417
Registered: 09 Jun 2008 11:45
Location: Ostrava

Re: Please check my log - I had the Kryptik trojan, thank you

#6 Post by jaruneczka »

Logfile of random's system information tool 1.08 (written by random/random)
Run by Jaruneczka at 2014-07-13 19:39:19
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 254 GB (88%) free of 290 GB
Total RAM: 1900 MB (15% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:30, on 13.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files\trend micro\Jaruneczka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - Acer Incorporated - (no file)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Služba zařazování tisku (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7092 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {B496E09F-9772-4297-972E-82327E4CCFED}
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {86EFF165-B92D-4DDC-95FF-229EBE6A1CF0}
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
C:\Windows\SysWOW64\DllHost.exe /Processid:{B366DEBE-645B-43A5-B865-DDD82C345492}
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Jaruneczka\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-16 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-16 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2013-10-08 515848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-05-07 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-05-07 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
Adblock Plus for IE Browser Helper Object - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2013-10-08 448776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2014-02-24 5581888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-01-26 368728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BackupManagerTray]
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2000-01-01 392472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2000-01-01 167704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
C:/Program Files (x86)/ManyCam/ManyCam.exe --silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msckgraSrv]
C:\Windows\inf\msckgra.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-10-02 1090912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OM2_Monitor]
C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-11-25 95632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
C:\Windows\system32\igfxpers.exe [2000-01-01 416024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power Management]
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07 256896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsiVideo]
C:\Windows\SysWOW64\rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2000-01-01 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ESETOlmarikOlmascoCleaner.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoResolveSearch"=0
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2014-07-13 19:19:28 ----D---- C:\rsit
2014-07-13 19:14:15 ----D---- C:\_OTM
2014-07-13 18:40:49 ----AD---- C:\Windows\rundll16.exe
2014-07-13 18:40:49 ----AD---- C:\Windows\logo1_.exe
2014-07-13 17:31:13 ----AD---- C:\Windows\VDLL.DLL
2014-07-13 17:31:13 ----AD---- C:\Windows\SYSWOW64\runouce.exe
2014-07-13 17:31:13 ----AD---- C:\Windows\RUNDL132.EXE
2014-07-13 17:31:13 ----AD---- C:\Windows\logo_1.exe
2014-07-13 17:23:15 ----A---- C:\Windows\system32\drivers\trufos.sys
2014-07-13 17:23:09 ----A---- C:\Windows\SYSWOW64\msvcp80.dll
2014-07-13 17:23:08 ----A---- C:\Windows\SYSWOW64\msvcp90.dll
2014-07-13 17:23:06 ----A---- C:\Windows\SYSWOW64\msvcr90.dll
2014-07-13 17:23:05 ----A---- C:\Windows\SYSWOW64\eEmpty.exe
2014-07-13 17:22:58 ----D---- C:\ProgramData\MicroWorld
2014-07-13 16:31:02 ----D---- C:\Program Files\trend micro
2014-07-13 16:10:55 ----A---- C:\Windows\SYSWOW64\ie4uinit.exe
2014-07-13 11:55:44 ----D---- C:\Windows\ERUNT
2014-07-08 20:36:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-08 20:36:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-08 20:36:02 ----A---- C:\Windows\system32\iernonce.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-08 20:36:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-08 20:36:01 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-08 20:35:59 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-08 20:35:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-08 20:35:59 ----A---- C:\Windows\system32\urlmon.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-08 20:35:58 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-08 20:35:58 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-08 20:35:58 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-08 20:35:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-08 20:35:57 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-08 20:35:56 ----A---- C:\Windows\system32\iesetup.dll
2014-07-08 20:35:56 ----A---- C:\Windows\system32\iertutil.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-08 20:35:55 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-08 20:35:55 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-08 20:35:54 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-08 20:35:54 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-08 20:35:54 ----A---- C:\Windows\system32\ieui.dll
2014-07-08 20:35:54 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-08 20:35:53 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-08 20:35:53 ----A---- C:\Windows\system32\ieframe.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\jscript9.dll
2014-07-08 20:35:52 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-08 20:35:51 ----A---- C:\Windows\system32\wininet.dll
2014-07-08 20:35:51 ----A---- C:\Windows\system32\vbscript.dll
2014-07-08 20:35:51 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-08 20:35:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-08 20:35:50 ----A---- C:\Windows\system32\msrating.dll
2014-07-08 20:35:50 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-08 20:35:49 ----A---- C:\Windows\system32\mshtml.dll
2014-07-08 20:35:43 ----A---- C:\Windows\system32\aepdu.dll
2014-07-08 20:35:42 ----A---- C:\Windows\system32\aeinv.dll
2014-07-08 20:35:41 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-08 20:35:41 ----A---- C:\Windows\system32\qedit.dll
2014-07-08 20:35:41 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-08 20:35:39 ----A---- C:\Windows\system32\lsasrv.dll
2014-07-08 20:35:38 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-08 20:35:38 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-08 20:35:21 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\wdigest.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\schannel.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-08 20:35:21 ----A---- C:\Windows\system32\kerberos.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-08 20:35:20 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-08 20:35:20 ----A---- C:\Windows\system32\credssp.dll
2014-07-08 20:35:04 ----A---- C:\Windows\system32\win32k.sys
2014-07-08 20:35:03 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-08 20:35:03 ----A---- C:\Windows\system32\osk.exe
2014-07-01 16:44:51 ----D---- C:\Program Files\Adblock Plus for IE
2014-07-01 16:44:46 ----D---- C:\ProgramData\Package Cache
2014-07-01 09:04:22 ----A---- C:\Windows\SYSWOW64\log.txt
2014-06-22 09:39:04 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Skype
2014-06-22 09:38:55 ----RD---- C:\Program Files (x86)\Skype
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\xvidvfw.dll
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll.manifest
2014-06-22 06:56:20 ----A---- C:\Windows\SYSWOW64\ff_vfw.dll
2014-06-22 01:24:49 ----D---- C:\Users\Jaruneczka\AppData\Roaming\ManyCam
2014-06-22 01:23:38 ----D---- C:\Program Files (x86)\ManyCam
2014-06-22 00:15:50 ----D---- C:\Users\Jaruneczka\AppData\Roaming\CyberLink
2014-06-21 23:52:57 ----D---- C:\ProgramData\CyberLink
2014-06-21 20:31:00 ----D---- C:\ProgramData\Acer
2014-06-21 19:15:05 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Visicom Media
2014-06-21 19:09:00 ----D---- C:\ProgramData\Visicom Media
2014-06-21 19:08:54 ----D---- C:\Program Files\Visicom Media
2014-06-19 06:34:12 ----D---- C:\Program Files\Windows Doctor
2014-06-16 05:21:46 ----A---- C:\Windows\SYSWOW64\javaws.exe
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\javaw.exe
2014-06-16 05:21:40 ----A---- C:\Windows\SYSWOW64\java.exe
2014-06-16 05:19:42 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Oracle
2014-06-16 05:17:29 ----A---- C:\Windows\system32\javaws.exe
2014-06-16 05:17:22 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-06-16 05:17:22 ----A---- C:\Windows\system32\javaw.exe
2014-06-16 05:17:22 ----A---- C:\Windows\system32\java.exe
2014-06-16 05:17:01 ----D---- C:\Program Files\Java

======List of files/folders modified in the last 1 months======

2014-07-13 19:39:19 ----D---- C:\Windows\Temp
2014-07-13 19:39:07 ----D---- C:\ProgramData\clear.fi
2014-07-13 19:38:46 ----D---- C:\Windows\system32\config
2014-07-13 19:15:24 ----D---- C:\Windows\Prefetch
2014-07-13 18:40:49 ----D---- C:\Windows
2014-07-13 18:38:18 ----A---- C:\Windows\win.ini
2014-07-13 17:31:13 ----D---- C:\Windows\SysWOW64
2014-07-13 17:23:15 ----D---- C:\Windows\system32\drivers
2014-07-13 17:23:00 ----D---- C:\Program Files (x86)\Common Files
2014-07-13 17:22:58 ----D---- C:\ProgramData
2014-07-13 16:31:02 ----RD---- C:\Program Files
2014-07-13 16:28:30 ----D---- C:\Program Files (x86)
2014-07-13 16:25:22 ----D---- C:\Windows\SoftwareDistribution
2014-07-13 16:22:16 ----D---- C:\Windows\debug
2014-07-13 16:01:34 ----SHD---- C:\Windows\Installer
2014-07-13 07:21:47 ----D---- C:\Windows\system32\Tasks
2014-07-12 16:08:15 ----D---- C:\Windows\rescache
2014-07-11 05:53:26 ----D---- C:\ProgramData\Skype
2014-07-10 15:47:40 ----D---- C:\Luba faktury stacík
2014-07-10 08:23:50 ----D---- C:\Program Files\Puran Utilities
2014-07-10 08:12:48 ----SHD---- C:\System Volume Information
2014-07-10 07:31:38 ----D---- C:\Program Files (x86)\Google
2014-07-10 07:31:37 ----D---- C:\Windows\Tasks
2014-07-10 06:53:30 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-07-09 09:50:38 ----D---- C:\Users\Jaruneczka\AppData\Roaming\PowerCinema
2014-07-09 06:17:23 ----D---- C:\Windows\inf
2014-07-09 05:46:23 ----D---- C:\Windows\system32\catroot2
2014-07-08 21:03:27 ----D---- C:\Windows\winsxs
2014-07-08 21:00:06 ----SD---- C:\Windows\system32\CompatTel
2014-07-08 21:00:06 ----D---- C:\Windows\System32
2014-07-08 21:00:06 ----D---- C:\Program Files\Windows Journal
2014-07-08 21:00:05 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-08 21:00:05 ----D---- C:\Windows\system32\Dism
2014-07-08 21:00:04 ----D---- C:\Windows\ehome
2014-07-08 21:00:03 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-08 21:00:03 ----D---- C:\Windows\system32\cs-CZ
2014-07-08 21:00:03 ----D---- C:\Program Files\Internet Explorer
2014-07-08 21:00:02 ----D---- C:\Windows\system32\en-US
2014-07-08 21:00:01 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-08 20:45:27 ----D---- C:\Windows\system32\MRT
2014-07-08 20:39:03 ----A---- C:\Windows\system32\MRT.exe
2014-07-08 20:34:59 ----D---- C:\Windows\system32\catroot
2014-07-06 16:37:20 ----D---- C:\Fotky
2014-07-06 15:43:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-04 17:31:41 ----D---- C:\Program Files (x86)\Launch Manager
2014-07-04 08:02:21 ----D---- C:\Windows\system32\NDF
2014-07-02 06:24:34 ----A---- C:\Windows\wininit.ini
2014-07-02 06:24:30 ----SD---- C:\ProgramData\Microsoft
2014-06-27 06:55:45 ----D---- C:\Windows\SYSWOW64\config
2014-06-26 07:06:16 ----D---- C:\Program Files\CCleaner
2014-06-24 15:36:24 ----D---- C:\Zálohy
2014-06-22 10:14:22 ----D---- C:\Hry
2014-06-22 09:39:40 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-22 09:17:53 ----D---- C:\Program Files (x86)\47659
2014-06-22 06:57:27 ----D---- C:\Windows\system32\DriverStore
2014-06-22 01:24:49 ----AD---- C:\ProgramData\Temp
2014-06-22 01:08:48 ----D---- C:\Users\Jaruneczka\AppData\Roaming\Mozilla
2014-06-22 00:09:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-06-22 00:08:36 ----D---- C:\Program Files (x86)\Acer
2014-06-21 19:57:46 ----D---- C:\Windows\system32\wbem
2014-06-21 19:56:51 ----D---- C:\Users\Jaruneczka\AppData\Roaming\vlc
2014-06-21 19:56:51 ----D---- C:\Users\Jaruneczka\AppData\Roaming\IrfanView
2014-06-21 19:56:50 ----D---- C:\Windows\system32\Macromed
2014-06-21 19:56:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-06-21 19:56:50 ----D---- C:\Windows\system32\CodeIntegrity
2014-06-21 19:56:49 ----D---- C:\Windows\SYSWOW64\Macromed
2014-06-21 19:56:49 ----D---- C:\Windows\registration
2014-06-19 08:15:49 ----RSD---- C:\Windows\assembly
2014-06-19 08:15:49 ----D---- C:\Windows\Microsoft.NET
2014-06-16 05:21:53 ----D---- C:\ProgramData\Oracle
2014-06-16 05:21:40 ----D---- C:\Program Files (x86)\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-09-14 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-11-20 4028928]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2013-11-28 34384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2000-01-01 12289472]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2000-01-01 117912]
R3 ManyCam;ManyCam Virtual Webcam; C:\Windows\system32\DRIVERS\mcvidrv.sys [2014-05-13 42224]
R3 mcaudrv_simple;ManyCam Virtual Microphone; C:\Windows\system32\drivers\mcaudrv_x64.sys [2014-05-13 35440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2011-01-14 74840]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2013-03-05 40896]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2013-09-03 21712]
S3 ESETOlmarikOlmascoCleaner;ESET Olmarik/Olmasco Cleaner; \??\C:\Windows\system32\Drivers\ESETOlmarikOlmascoCleaner.sys [2014-05-22 156360]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2013-01-23 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2013-01-23 171008]
S3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 scvad_simple;SplitCam Virtual Microphone (WDM); C:\Windows\system32\drivers\SplitCamAudio.sys [2013-11-01 23552]
S3 splitcam_hd_driver;SplitCam Virtual Video Driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [2013-12-16 37496]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2014-07-13 350160]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Atheros\Bluetooth Suite\adminservice.exe [2013-11-28 318592]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2014-02-24 1343408]
R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S3 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-23 655624]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-11 119408]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-26 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PuranDefrag;PuranDefrag; C:\Windows\system32\PuranDefragS.exe [2013-08-15 292736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

jaruneczka
Model visitor
Posts: 417
Registered: 09 Jun 2008 11:45
Location: Ostrava

Re: Requesting a log check - I had a Kryptik trojan, thank you

#7 Post by jaruneczka »

All processes killed
========== FILES ==========
File/Folder C:\Windows\inf\msckgra.vbe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msckgraSrv\ not found.
========== SERVICES/DRIVERS ==========
Error: No service named BBSvc was found to stop!
Service\Driver key BBSvc not found.
Error: No service named BBUpdate was found to stop!
Service\Driver key BBUpdate not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Jaruneczka
->Temp folder emptied: 180566 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3603687 bytes
->Flash cache emptied: 291 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4852 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Jaruneczka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 07132014_193559
All processes killed

OTM by OldTimer - Version 3.1.21.0 log created on 07132014_193559

Files moved on Reboot...
C:\Users\Jaruneczka\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\LMutilps.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Rudy
Site Admin
Posts: 119317
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a log check - I had a Kryptik trojan, thank you

#8 Post by Rudy »

Everything is fine now. :) What was there was not Kryptik, but a script virus and a few unnecessary items.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

jaruneczka
Model visitor
Posts: 417
Registered: 09 Jun 2008 11:45
Location: Ostrava

Re: Requesting a log check - I had a Kryptik trojan, thank you

#9 Post by jaruneczka »

rudy, thank you very much, today I also have my son's PC here, in the regular section - vyosek is handling it :D
By the way, those Kryptiks are in quarantine in ESS: Kryptik QF, ATFX,...... and in June: VBS AC and Agent NID....
Have a great evening. :wub:

Rudy
Site Admin
Posts: 119317
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a log check - I had a Kryptik trojan, thank you

#10 Post by Rudy »

Yep. It happens. You can delete the quarantine. Have a nice day too, and you're welcome! :)
