Blue screen of death with Firefox
Posted: 26 Aug 2014 18:56
Hello.
When browsing with Firefox, my computer crashes to a BSOD.
It doesn't happen with Chrome or with IE.
Thank you.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014 (ATTENTION: ====> FRST version is 173 days old and could be outdated)
Ran by Bluf (administrator) on BLUF-PC on 26-08-2014 19:33:06
Running from C:\Users\Bluf\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(New Softwares.net) C:\Windows\SysWow64\WinFLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Windows\System32\JulaPAN.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(BitTorrent Inc.) C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [JulaPAN.exe] - C:\Windows\system32\JulaPAN.exe [494504 2014-02-06] ()
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [ACPW07EN] - C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1813832 2014-03-18] (ACD Systems)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-08-13] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [uTorrent] - C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-03] (BitTorrent Inc.)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [WinFLTray] - C:\Windows\SysWow64\WinFLTray.exe [322360 2014-04-04] ( New Softwares.net)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [FLBackup] - C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275768 2014-04-04] (New Softwares.net)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [eMuleAutoStart] - C:\Program Files (x86)\eMule\emule.exe [5668864 2009-02-22] (http://www.emule-project.net)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 5&tsp=4921
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.151.222.34 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default
FF user.js: detected! => C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\user.js
FF Homepage: https://mail.google.com/mail/u/0/?tab=wm#inbox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Sibelius.com/Scorch Plugin,version=6.2.0.88 - C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchAxPlugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: GamePlayLabs Plugin - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\plugin2@gameplaylabs.com [2012-12-23]
FF Extension: Спутник @Mail.Ru - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2014-01-03]
FF Extension: DownloadHelper - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-11]
FF Extension: Bitdefender QuickScan - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-07-22]
FF Extension: S3.Google Translator - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\s3google@translator.xpi [2013-11-15]
FF Extension: Google Translator for Firefox - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\translator@zoli.bod.xpi [2013-04-22]
FF Extension: Adblock Plus - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-21]
FF Extension: Greasemonkey - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-12-23]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF Extension: Mozilla hotfix - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013-05-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2014-05-30]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF Extension: Mozilla hotfix - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013-05-28]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-26]
CHR Extension: (Disk Google) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-01]
CHR Extension: (YouTube) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-01]
CHR Extension: (avast! Online Security) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-26]
CHR Extension: (Peněženka Google) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-08-13]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-08-13] (AVAST Software)
R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92984 2014-04-04] (New Softwares.net)
==================== Drivers (Whitelisted) ====================
S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-13] ()
S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-29] (DT Soft Ltd)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
R1 Jula.sys; C:\Windows\System32\DRIVERS\Jula.sys [64936 2014-02-06] ()
R3 JulaWDM.sys; C:\Windows\System32\DRIVERS\JulaWDM.sys [44248 2014-02-06] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36384 2014-04-04] ()
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2014-04-04] (NewSoftwares.net, Inc.)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-04] (StdLib)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [51016 2011-11-01] (Yamaha Corporation)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
U0 SR;
U2 srservice;
U2 V2iMount;
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-08-26 19:33 - 2014-08-26 19:33 - 00020818 _____ () C:\Users\Bluf\Desktop\FRST.txt
2014-08-26 19:32 - 2014-08-26 19:33 - 00000000 ____D () C:\FRST
2014-08-26 19:31 - 2014-03-06 13:29 - 02156544 _____ (Farbar) C:\Users\Bluf\Desktop\FRST64.exe
2014-08-26 13:48 - 2014-08-26 15:13 - 00000000 ____D () C:\Users\Bluf\Desktop\ZUS 2014 2015
2014-08-26 13:47 - 2014-08-26 13:47 - 00044833 _____ () C:\Users\Bluf\Downloads\fwdpokyny_novkolskrok.zip
2014-08-26 13:36 - 2014-08-26 13:36 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-24 21:09 - 2014-08-24 22:13 - 00000000 ____D () C:\Users\Bluf\Desktop\jessi mala
2014-08-24 11:12 - 2014-08-26 12:09 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-08-24 11:12 - 2014-08-24 11:12 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-08-24 11:11 - 2014-08-26 12:09 - 00000000 ____D () C:\2-click run
2014-08-18 22:35 - 2014-08-18 22:35 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\ACD Systems
2014-08-18 22:32 - 2014-08-18 22:53 - 00000000 ____D () C:\Users\Bluf\AppData\Local\ACD Systems
2014-08-18 22:22 - 2014-08-18 22:22 - 00002171 _____ () C:\Users\Public\Desktop\ACDSee Pro 7 (64-bit).lnk
2014-08-18 22:22 - 2014-08-18 22:22 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-08-18 22:22 - 2014-08-18 22:22 - 00000000 ____D () C:\Program Files\ACD Systems
2014-08-16 10:46 - 2014-08-16 10:47 - 00000000 ____D () C:\Users\Bluf\Desktop\DRAZDIAK
2014-08-13 21:07 - 2014-08-13 21:08 - 00000908 _____ () C:\Windows\SysWOW64\TriceraLog.log
2014-08-13 18:36 - 2014-08-13 18:36 - 00002231 _____ () C:\Users\Bluf\Desktop\GRID_config.xml – zástupce.lnk
2014-08-13 17:35 - 2014-08-13 17:35 - 00000000 ____D () C:\Users\Bluf\AppData\Local\2K Games
2014-08-13 15:05 - 2014-08-13 15:05 - 00000810 _____ () C:\Users\Public\Desktop\Mafia II HD.lnk
2014-08-13 14:53 - 2014-08-13 15:05 - 00000000 ____D () C:\Program Files (x86)\Mafia II HD
2014-08-13 12:45 - 2014-08-13 12:45 - 00921632 _____ () C:\PA207.DAT
2014-08-13 12:28 - 2014-08-13 12:28 - 00035328 _____ () C:\Users\Bluf\Desktop\koncert Kafe Band Lisztova zahrada.xls
2014-08-13 00:03 - 2014-08-26 11:36 - 00003926 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-13 00:01 - 2014-08-13 00:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-02 09:27 - 2014-08-02 09:27 - 00036034 _____ () C:\Users\Bluf\Desktop\videa.m3u
2014-08-01 17:20 - 2014-08-01 17:26 - 00000000 ____D () C:\Users\Bluf\Desktop\VIDS
2014-08-01 15:48 - 2014-08-01 15:52 - 00000000 ____D () C:\Users\Bluf\Documents\Assetto Corsa
2014-08-01 15:19 - 2014-08-01 15:19 - 00001297 _____ () C:\Users\Bluf\Desktop\Assetto Corsa.lnk
2014-08-01 15:08 - 2014-08-01 15:08 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom
2014-08-01 09:13 - 2014-08-13 08:44 - 00004092 _____ () C:\Windows\PFRO.log
2014-08-01 00:29 - 2014-08-01 00:30 - 00018435 _____ () C:\Windows\DirectX.log
2014-08-01 00:27 - 2014-08-01 00:27 - 00001655 _____ () C:\Users\Public\Desktop\GRID - Autosport.lnk
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Abelssoft
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Users\Bluf\AppData\Local\Abelssoft
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-07-31 20:16 - 2014-07-31 20:16 - 00000994 _____ () C:\Users\Public\Desktop\mp3cutter.lnk
2014-07-31 20:16 - 2014-07-31 20:16 - 00000000 ____D () C:\Program Files (x86)\mp3cutter
2014-07-31 14:43 - 2014-07-31 14:43 - 00000939 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-07-31 14:42 - 2014-08-26 12:09 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Winamp
2014-07-31 14:42 - 2014-07-31 14:43 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-28 22:40 - 2014-07-28 22:40 - 00024272 _____ () C:\Users\Bluf\Documents\Durdina.veg
2014-07-28 22:33 - 2014-07-28 22:33 - 49946450 _____ () C:\Users\Bluf\Desktop\posledny track.wav
2014-07-28 22:33 - 2014-07-28 22:33 - 00390272 _____ () C:\Users\Bluf\Desktop\posledny track.sfk
2014-07-28 12:07 - 2014-08-12 19:03 - 00000000 ____D () C:\Users\Bluf\Desktop\Durdina
==================== One Month Modified Files and Folders =======
2014-08-26 19:33 - 2014-08-26 19:33 - 00020818 _____ () C:\Users\Bluf\Desktop\FRST.txt
2014-08-26 19:33 - 2014-08-26 19:32 - 00000000 ____D () C:\FRST
2014-08-26 19:33 - 2014-06-28 10:26 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\uTorrent
2014-08-26 19:22 - 2014-06-21 15:17 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef331361201fb.job
2014-08-26 15:22 - 2014-06-21 15:17 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef33134a7491b.job
2014-08-26 15:13 - 2014-08-26 13:48 - 00000000 ____D () C:\Users\Bluf\Desktop\ZUS 2014 2015
2014-08-26 13:47 - 2014-08-26 13:47 - 00044833 _____ () C:\Users\Bluf\Downloads\fwdpokyny_novkolskrok.zip
2014-08-26 13:36 - 2014-08-26 13:36 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-26 13:36 - 2013-01-01 23:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-26 12:09 - 2014-08-24 11:12 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-08-26 12:09 - 2014-08-24 11:11 - 00000000 ____D () C:\2-click run
2014-08-26 12:09 - 2014-07-31 14:42 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Winamp
2014-08-26 12:09 - 2012-12-30 22:37 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Skype
2014-08-26 12:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-26 11:37 - 2014-03-20 16:33 - 00001937 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-26 11:36 - 2014-08-13 00:03 - 00003926 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-26 11:35 - 2013-11-15 15:55 - 01486796 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 11:28 - 2012-12-23 12:32 - 00000000 ____D () C:\Users\Bluf
2014-08-26 11:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-26 11:27 - 2014-06-27 12:52 - 00005736 _____ () C:\Windows\setupact.log
2014-08-24 22:13 - 2014-08-24 21:09 - 00000000 ____D () C:\Users\Bluf\Desktop\jessi mala
2014-08-24 11:12 - 2014-08-24 11:12 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-08-19 01:09 - 2014-07-26 11:39 - 00000693 ___SH () C:\Windows\SysWOW64\win_fldb_sys.dat
2014-08-18 23:08 - 2013-01-22 19:38 - 00000000 ____D () C:\Users\Bluf\AppData\Local\CrashDumps
2014-08-18 22:53 - 2014-08-18 22:32 - 00000000 ____D () C:\Users\Bluf\AppData\Local\ACD Systems
2014-08-18 22:48 - 2014-04-04 12:13 - 00011781 ___SH () C:\Windows\SysWOW64\win_flfiles_sys.dat
2014-08-18 22:48 - 2014-04-04 12:13 - 00003465 ___SH () C:\Windows\SysWOW64\win_stlthdb_sys.dat
2014-08-18 22:35 - 2014-08-18 22:35 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\ACD Systems
2014-08-18 22:22 - 2014-08-18 22:22 - 00002171 _____ () C:\Users\Public\Desktop\ACDSee Pro 7 (64-bit).lnk
2014-08-18 22:22 - 2014-08-18 22:22 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-08-18 22:22 - 2014-08-18 22:22 - 00000000 ____D () C:\Program Files\ACD Systems
2014-08-18 22:22 - 2013-04-05 00:27 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-08-18 22:20 - 2012-12-26 15:25 - 00000000 ____D () C:\Users\Bluf\AppData\Local\Downloaded Installations
2014-08-17 15:51 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-08-17 15:51 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-08-17 15:51 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-16 10:47 - 2014-08-16 10:46 - 00000000 ____D () C:\Users\Bluf\Desktop\DRAZDIAK
2014-08-13 21:08 - 2014-08-13 21:07 - 00000908 _____ () C:\Windows\SysWOW64\TriceraLog.log
2014-08-13 21:07 - 2012-12-28 22:57 - 00000000 ____D () C:\TriKaraoke
2014-08-13 18:36 - 2014-08-13 18:36 - 00002231 _____ () C:\Users\Bluf\Desktop\GRID_config.xml – zástupce.lnk
2014-08-13 18:10 - 2014-03-20 16:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-13 17:35 - 2014-08-13 17:35 - 00000000 ____D () C:\Users\Bluf\AppData\Local\2K Games
2014-08-13 15:05 - 2014-08-13 15:05 - 00000810 _____ () C:\Users\Public\Desktop\Mafia II HD.lnk
2014-08-13 15:05 - 2014-08-13 14:53 - 00000000 ____D () C:\Program Files (x86)\Mafia II HD
2014-08-13 12:45 - 2014-08-13 12:45 - 00921632 _____ () C:\PA207.DAT
2014-08-13 12:28 - 2014-08-13 12:28 - 00035328 _____ () C:\Users\Bluf\Desktop\koncert Kafe Band Lisztova zahrada.xls
2014-08-13 12:08 - 2009-07-14 04:34 - 00000446 _____ () C:\Windows\win.ini
2014-08-13 08:44 - 2014-08-01 09:13 - 00004092 _____ () C:\Windows\PFRO.log
2014-08-13 02:16 - 2009-07-14 06:45 - 00025760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 02:16 - 2009-07-14 06:45 - 00025760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 00:02 - 2014-05-30 13:00 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-08-13 00:02 - 2014-05-30 13:00 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-13 00:02 - 2014-05-30 12:59 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-13 00:02 - 2014-05-30 12:58 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-08-13 00:02 - 2014-05-30 12:58 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-13 00:02 - 2014-05-30 12:58 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-13 00:02 - 2014-05-30 12:58 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-13 00:02 - 2014-03-20 16:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-13 00:01 - 2014-08-13 00:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-12 19:03 - 2014-07-28 12:07 - 00000000 ____D () C:\Users\Bluf\Desktop\Durdina
2014-08-11 17:24 - 2014-04-10 11:39 - 00001050 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-08-11 16:55 - 2012-12-30 22:37 - 00000000 ____D () C:\ProgramData\Skype
2014-08-02 09:27 - 2014-08-02 09:27 - 00036034 _____ () C:\Users\Bluf\Desktop\videa.m3u
2014-08-01 17:26 - 2014-08-01 17:20 - 00000000 ____D () C:\Users\Bluf\Desktop\VIDS
2014-08-01 15:52 - 2014-08-01 15:48 - 00000000 ____D () C:\Users\Bluf\Documents\Assetto Corsa
2014-08-01 15:20 - 2014-03-02 22:28 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-01 15:19 - 2014-08-01 15:19 - 00001297 _____ () C:\Users\Bluf\Desktop\Assetto Corsa.lnk
2014-08-01 15:19 - 2012-12-26 20:15 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-01 15:08 - 2014-08-01 15:08 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom
2014-08-01 15:00 - 2013-02-17 20:30 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Media Player Classic
2014-08-01 09:13 - 2009-07-14 06:45 - 00374112 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-01 00:58 - 2013-05-29 02:00 - 00000000 ____D () C:\ProgramData\Codemasters
2014-08-01 00:58 - 2012-12-29 00:24 - 00000000 ____D () C:\Users\Bluf\Documents\My Games
2014-08-01 00:30 - 2014-08-01 00:29 - 00018435 _____ () C:\Windows\DirectX.log
2014-08-01 00:27 - 2014-08-01 00:27 - 00001655 _____ () C:\Users\Public\Desktop\GRID - Autosport.lnk
2014-07-31 23:22 - 2013-11-23 23:50 - 00000000 ____D () C:\Hry
2014-07-31 20:46 - 2014-03-22 14:26 - 00000000 ____D () C:\Users\Bluf\Desktop\Beginning Jazz Guitar (Book & Tracks)
2014-07-31 20:27 - 2012-12-23 13:02 - 00100736 _____ () C:\Users\Bluf\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Abelssoft
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Users\Bluf\AppData\Local\Abelssoft
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-07-31 20:16 - 2014-07-31 20:16 - 00000994 _____ () C:\Users\Public\Desktop\mp3cutter.lnk
2014-07-31 20:16 - 2014-07-31 20:16 - 00000000 ____D () C:\Program Files (x86)\mp3cutter
2014-07-31 14:43 - 2014-07-31 14:43 - 00000939 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-07-31 14:43 - 2014-07-31 14:42 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-29 02:10 - 2013-02-17 23:34 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-07-28 22:40 - 2014-07-28 22:40 - 00024272 _____ () C:\Users\Bluf\Documents\Durdina.veg
2014-07-28 22:33 - 2014-07-28 22:33 - 49946450 _____ () C:\Users\Bluf\Desktop\posledny track.wav
2014-07-28 22:33 - 2014-07-28 22:33 - 00390272 _____ () C:\Users\Bluf\Desktop\posledny track.sfk
2014-07-28 11:54 - 2009-07-14 07:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Some content of TEMP:
====================
C:\Users\Bluf\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp860m40.dll
C:\Users\Bluf\AppData\Local\Temp\nhIMPxhBZPGVfXJdGGVc.DLL
C:\Users\Bluf\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-08-17 00:15
==================== End Of Log ============================
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bluf at 2014-08-26 19:41:29
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (13%) free of 191 GB
Total RAM: 4095 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:31, on 26.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\WinFLTray.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\trend micro\Bluf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WinFLTray] C:\Windows\SysWow64\WinFLTray.exe
O4 - HKCU\..\Run: [FLBackup] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLService - New Softwares.net - C:\Windows\SysWow64\WinFLService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 5870 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWow64\WinFLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\System32\JulaPAN.exe"
"C:\Windows\PixArt\Pac207\Monitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Windows\SysWOW64\WinFLTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"taskhost.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe100_ Global\UsGthrCtrlFltPipeMssGthrPipe100 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\Bluf\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cef33134a7491b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cef331361201fb.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://mail.google.com/mail/u/0/?tab=wm#inbox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPSibelius.dll
PDFNetC.dll
ScorchAxPlugin.dll
ScorchPDFWrapper.dll
C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\extensions\
plugin2@gameplaylabs.com
{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{e001c731-5e37-4538-a5cb-8168736a2360}
C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\searchplugins\
delta.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-08-13 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-08-13 457712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JulaPAN.exe"=C:\Windows\system32\JulaPAN.exe [2014-02-06 494504]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"ACPW07EN"=C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [2014-03-18 1813832]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-03 1322832]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]
"WinFLTray"=C:\Windows\SysWow64\WinFLTray.exe [2014-04-04 322360]
"FLBackup"=C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [2014-04-04 275768]
"eMuleAutoStart"=C:\Program Files (x86)\eMule\emule.exe [2009-02-22 5668864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioReg]
REGSVR32.EXE /S CTASIO.DLL []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioThk32Reg]
REGSVR32.EXE /S CTASIO.DLL []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
CTXFIHLP.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files (x86)\eMule\emule.exe [2009-02-22 5668864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JulaPAN.exe]
C:\Windows\system32\JulaPAN.exe [2014-02-06 494504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-05-28 310064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Bluf\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Bluf\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-30 766208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFLTray]
C:\Windows\SysWow64\WinFLTray.exe [2014-04-04 322360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Bluf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Bluf\AppData\Roaming\Dropbox\bin\Dropbox.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Bluf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Start Freenet.lnk]
C:\Users\Bluf\AppData\Local\Freenet\freenet.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-08-13 4085896]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-30 766208]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRkrn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRSVC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=0
"NoDevMgrUpdate"=0
"NoDeletePrinter"=0
"NoDFSTab"=0
"NoEncryptOnMove"=0
"NoRunasInstallPrompt"=0
"NoResolveSearch"=0
"NoResolveTrack"=0
"NoStartMenuSubFolders"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=0
"NoDevMgrUpdate"=0
"NoDeletePrinter"=0
"NoDFSTab"=0
"NoEncryptOnMove"=0
"NoRunasInstallPrompt"=0
"NoResolveSearch"=0
"NoResolveTrack"=0
"NoStartMenuSubFolders"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FPS1"=frapsv64.dll
"midi3"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"midi4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.ini - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2014-08-26 19:41:29 ----D---- C:\rsit
2014-08-26 19:32:32 ----D---- C:\FRST
2014-08-24 11:12:15 ----D---- C:\ProgramData\YTD Video Downloader
2014-08-24 11:11:56 ----D---- C:\2-click run
2014-08-18 22:35:41 ----D---- C:\Users\Bluf\AppData\Roaming\ACD Systems
2014-08-18 22:22:46 ----D---- C:\ProgramData\ACD Systems
2014-08-18 22:22:39 ----SHD---- C:\Config.Msi
2014-08-18 22:22:39 ----D---- C:\Program Files\ACD Systems
2014-08-13 14:53:16 ----D---- C:\Program Files (x86)\Mafia II HD
2014-08-13 12:45:07 ----A---- C:\PA207.DAT
2014-08-13 00:01:58 ----A---- C:\Windows\avastSS.scr
2014-08-01 15:08:30 ----D---- C:\Program Files (x86)\R.G. Freedom
2014-07-31 20:17:02 ----D---- C:\Users\Bluf\AppData\Roaming\Abelssoft
2014-07-31 20:17:02 ----D---- C:\ProgramData\XDMessagingv4
2014-07-31 20:16:45 ----D---- C:\Program Files (x86)\mp3cutter
2014-07-31 14:42:30 ----D---- C:\Users\Bluf\AppData\Roaming\Winamp
2014-07-31 14:42:30 ----D---- C:\Program Files (x86)\Winamp
======List of files/folders modified in the last 1 month======
2014-08-26 19:41:31 ----D---- C:\Windows\Prefetch
2014-08-26 19:41:31 ----D---- C:\Program Files\trend micro
2014-08-26 19:41:28 ----D---- C:\Windows\temp
2014-08-26 19:40:28 ----D---- C:\Users\Bluf\AppData\Roaming\uTorrent
2014-08-26 19:34:04 ----D---- C:\Windows
2014-08-26 13:36:08 ----D---- C:\Program Files (x86)\Google
2014-08-26 13:07:06 ----D---- C:\Windows\system32\config
2014-08-26 12:24:25 ----D---- C:\Windows\SysWOW64
2014-08-26 12:16:34 ----D---- C:\Windows\System32
2014-08-26 12:09:20 ----D---- C:\Windows\Tasks
2014-08-26 12:09:20 ----D---- C:\Windows\system32\wfp
2014-08-26 12:09:20 ----D---- C:\Windows\system32\DriverStore
2014-08-26 12:09:20 ----D---- C:\Windows\system32\CodeIntegrity
2014-08-26 12:09:20 ----D---- C:\Windows\system32\catroot2
2014-08-26 12:09:19 ----D---- C:\Windows\inf
2014-08-26 12:09:13 ----D---- C:\Windows\system32\wbem
2014-08-26 12:09:13 ----D---- C:\Windows\registration
2014-08-26 12:09:06 ----D---- C:\Users\Bluf\AppData\Roaming\Skype
2014-08-26 12:09:02 ----D---- C:\ProgramData
2014-08-26 11:39:02 ----SHD---- C:\System Volume Information
2014-08-26 11:36:48 ----D---- C:\Windows\system32\Tasks
2014-08-18 22:23:12 ----SHD---- C:\Windows\Installer
2014-08-18 22:22:42 ----D---- C:\Program Files\Common Files\ACD Systems
2014-08-18 22:22:39 ----D---- C:\Program Files
2014-08-18 21:47:20 ----D---- C:\Program Files (x86)
2014-08-17 15:51:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-14 07:35:40 ----D---- C:\Windows\system32\drivers
2014-08-13 21:07:08 ----D---- C:\TriKaraoke
2014-08-13 12:08:14 ----A---- C:\Windows\win.ini
2014-08-13 00:02:02 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-11 16:55:39 ----D---- C:\ProgramData\Skype
2014-08-01 15:20:34 ----D---- C:\ProgramData\Package Cache
2014-08-01 15:19:48 ----D---- C:\Windows\SYSWOW64\directx
2014-08-01 15:00:49 ----D---- C:\Users\Bluf\AppData\Roaming\Media Player Classic
2014-08-01 00:58:38 ----D---- C:\ProgramData\Codemasters
2014-08-01 00:30:11 ----RSD---- C:\Windows\assembly
2014-08-01 00:27:21 ----D---- C:\Windows\Logs
2014-07-31 23:22:24 ----D---- C:\Hry
2014-07-31 20:16:50 ----RSD---- C:\Windows\Fonts
2014-07-31 14:42:45 ----D---- C:\Program Files (x86)\Common Files
2014-07-29 02:10:02 ----D---- C:\Program Files (x86)\The KMPlayer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-13 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-13 224896]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-13 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-13 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-13 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-29 283200]
R1 Jula.sys;Service for Juli@ Audio Driver EWDM; C:\Windows\system32\DRIVERS\Jula.sys [2014-02-06 64936]
R1 WinFLAdrv;WinFLAdrv; C:\Windows\SysWOW64\WinFLAdrv.sys [2014-04-04 36384]
R1 wStLibG64;wStLibG64; C:\Windows\system32\drivers\wStLibG64.sys [2014-04-04 61120]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-13 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-13 79184]
R2 WinVDEDrv;WinVDEDrv; \??\C:\Windows\SysWow64\WinVDEdrv.sys [2014-04-04 225680]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-07-05 96256]
R3 JulaWDM.sys;Service for Juli@ WDM; C:\Windows\system32\DRIVERS\JulaWDM.sys [2014-02-06 44248]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-13 92008]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-12 151296]
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys []
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 580904]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 863016]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-10 700200]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-10 142120]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 17192]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-10 681256]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 290600]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 147752]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 1359144]
S3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 259880]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 295208]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 218408]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 344064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-08-13 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FLService;FLService; C:\Windows\SysWow64\WinFLService.exe [2014-04-04 92984]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.25.2
Run by Bluf at 19:51:21 on 2014-08-26
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2584 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWow64\WinFLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\JulaPAN.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\WinFLTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.sk/
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
uRun: [uTorrent] "C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [WinFLTray] C:\Windows\SysWow64\WinFLTray.exe
uRun: [FLBackup] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
uRun: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart
mRun: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 213.151.222.34 192.168.0.1
TCP: Interfaces\{6AEAA361-DFC6-48E7-9F67-EFDD97180346} : DHCPNameServer = 213.151.222.34 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-Run: [JulaPAN.exe] JulaPAN.exe
x64-Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
x64-Run: [ACPW07EN] "C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe"
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/u/0/?tab=wm#inbox
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Sibelius Software\Scorch\NPSibelius.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2013-05-28 15:13; hotfix@mozilla.org; C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - c4027ad6000000000000002618f051ff
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15878
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.518:06:47
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - cs
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=122471&tt=180613_ndt5&tsp=4921
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
user_pref(extensions.autoDisableScopes,14);
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-5-30 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-5-30 224896]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-5-30 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-3-20 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-29 283200]
R1 Jula.sys;Service for Juli@ Audio Driver EWDM;C:\Windows\System32\drivers\Jula.sys [2014-6-17 64936]
R1 wStLibG64;wStLibG64;C:\Windows\System32\drivers\wStLibG64.sys [2014-4-4 61120]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-8-30 344064]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-30 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-3-20 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-8-13 50344]
R2 FLService;FLService;C:\Windows\SysWOW64\WinFLService.exe [2014-4-4 92984]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-4-10 5052224]
R2 WinVDEDrv;WinVDEDrv;C:\Windows\SysWOW64\WinVDEdrv.sys [2014-4-4 225680]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-12-26 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]
R3 JulaWDM.sys;Service for Juli@ WDM;C:\Windows\System32\drivers\JulaWDM.sys [2014-6-17 44248]
R3 PAC207;SoC PC-Camera;C:\Windows\System32\drivers\PFC027.SYS [2006-12-5 572416]
R3 RTL8167;Ovladač Realtek 8167 NT;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-5-30 92008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2013-2-27 33872]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-6-15 110336]
S3 GenericMount;Generic Mount Driver;C:\Windows\System32\drivers\GenericMount.sys [2009-9-21 54320]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-4-27 31800]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-6-15 206080]
S3 StorSvc;Služba úložiště;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-27 59392]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-25 1255736]
S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\Windows\System32\drivers\ymidusbx64.sys [2011-11-1 51016]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .vbs: VBSFile=C:\Windows\System32\WScript.exe "%1" %* [UserChoice]
.
=============== Created Last 30 ================
.
2014-08-26 17:32:32 -------- d-----w- C:\FRST
2014-08-26 09:28:52 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CFB4AF3F-DE27-4557-A6E0-36FCAD58A27A}\mpengine.dll
2014-08-24 09:12:15 -------- d-----w- C:\ProgramData\YTD Video Downloader
2014-08-24 09:11:56 -------- d-----w- C:\2-click run
2014-08-18 20:35:41 -------- d-----w- C:\Users\Bluf\AppData\Roaming\ACD Systems
2014-08-18 20:32:26 -------- d-----w- C:\Users\Bluf\AppData\Local\ACD Systems
2014-08-18 20:22:46 -------- d-----w- C:\ProgramData\ACD Systems
2014-08-18 20:22:39 -------- d-----w- C:\Program Files\ACD Systems
2014-08-13 15:35:22 -------- d-----w- C:\Users\Bluf\AppData\Local\2K Games
2014-08-13 12:53:16 -------- d-----w- C:\Program Files (x86)\Mafia II HD
2014-08-12 22:01:58 43152 ----a-w- C:\Windows\avastSS.scr
2014-08-01 13:08:30 -------- d-----w- C:\Program Files (x86)\R.G. Freedom
2014-07-31 18:17:02 -------- d-----w- C:\Users\Bluf\AppData\Roaming\Abelssoft
2014-07-31 18:17:02 -------- d-----w- C:\ProgramData\XDMessagingv4
2014-07-31 18:17:01 -------- d-----w- C:\Users\Bluf\AppData\Local\Abelssoft
2014-07-31 18:16:45 -------- d-----w- C:\Program Files (x86)\mp3cutter
2014-07-31 12:42:45 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
.
==================== Find3M ====================
.
2014-08-12 22:02:05 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-08-12 22:02:04 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-08-12 22:02:04 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-08-12 22:02:03 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-08-12 22:02:03 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-08-12 22:02:02 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-08-12 22:02:01 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-11 14:30:41 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-11 14:30:41 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-17 18:33:53 1192387 ----a-w- C:\Windows\unins000.exe
.
============= FINISH: 19:52:49,32 ===============
When I browse with Firefox, my computer crashes with a BSOD.
It doesn't happen with Chrome or IE.
Thank you.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014 (ATTENTION: ====> FRST version is 173 days old and could be outdated)
Ran by Bluf (administrator) on BLUF-PC on 26-08-2014 19:33:06
Running from C:\Users\Bluf\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(New Softwares.net) C:\Windows\SysWow64\WinFLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Windows\System32\JulaPAN.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(BitTorrent Inc.) C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [JulaPAN.exe] - C:\Windows\system32\JulaPAN.exe [494504 2014-02-06] ()
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [ACPW07EN] - C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1813832 2014-03-18] (ACD Systems)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4085896 2014-08-13] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\.DEFAULT\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoFile] 0
HKU\.DEFAULT\...\Policies\Explorer: [HideClock] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetFolders] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoDFSTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoLogoff] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoResolveSearch] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoSaveSettings] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoHardwareTab] 0
HKU\.DEFAULT\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [uTorrent] - C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-03] (BitTorrent Inc.)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [WinFLTray] - C:\Windows\SysWow64\WinFLTray.exe [322360 2014-04-04] ( New Softwares.net)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [FLBackup] - C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275768 2014-04-04] (New Softwares.net)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Run: [eMuleAutoStart] - C:\Program Files (x86)\eMule\emule.exe [5668864 2009-02-22] (http://www.emule-project.net)
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-1230921218-179560564-2204913223-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.delta-search.com/?q={searchT ... 5&tsp=4921
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/s ... wflash.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.151.222.34 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default
FF user.js: detected! => C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\user.js
FF Homepage: https://mail.google.com/mail/u/0/?tab=wm#inbox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Sibelius.com/Scorch Plugin,version=6.2.0.88 - C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchAxPlugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mapy-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: GamePlayLabs Plugin - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\plugin2@gameplaylabs.com [2012-12-23]
FF Extension: Спутник @Mail.Ru - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2014-01-03]
FF Extension: DownloadHelper - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-11]
FF Extension: Bitdefender QuickScan - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-07-22]
FF Extension: S3.Google Translator - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\s3google@translator.xpi [2013-11-15]
FF Extension: Google Translator for Firefox - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\translator@zoli.bod.xpi [2013-04-22]
FF Extension: Adblock Plus - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-21]
FF Extension: Greasemonkey - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-12-23]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF Extension: Mozilla hotfix - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013-05-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2014-05-30]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [hotfix@mozilla.org] - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
FF Extension: Mozilla hotfix - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix [2013-05-28]
Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-26]
CHR Extension: (Disk Google) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-01]
CHR Extension: (YouTube) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-01]
CHR Extension: (avast! Online Security) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-26]
CHR Extension: (Peněženka Google) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-26]
CHR Extension: (Gmail) - C:\Users\Bluf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-08-13]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-08-13] (AVAST Software)
R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92984 2014-04-04] (New Softwares.net)
==================== Drivers (Whitelisted) ====================
S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57512 2012-11-20] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-13] ()
S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-29] (DT Soft Ltd)
S3 GenericMount; C:\Windows\System32\DRIVERS\GenericMount.sys [54320 2009-09-21] (Symantec Corporation)
R1 Jula.sys; C:\Windows\System32\DRIVERS\Jula.sys [64936 2014-02-06] ()
R3 JulaWDM.sys; C:\Windows\System32\DRIVERS\JulaWDM.sys [44248 2014-02-06] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36384 2014-04-04] ()
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2014-04-04] (NewSoftwares.net, Inc.)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61120 2014-04-04] (StdLib)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [51016 2011-11-01] (Yamaha Corporation)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
U0 SR;
U2 srservice;
U2 V2iMount;
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-08-26 19:33 - 2014-08-26 19:33 - 00020818 _____ () C:\Users\Bluf\Desktop\FRST.txt
2014-08-26 19:32 - 2014-08-26 19:33 - 00000000 ____D () C:\FRST
2014-08-26 19:31 - 2014-03-06 13:29 - 02156544 _____ (Farbar) C:\Users\Bluf\Desktop\FRST64.exe
2014-08-26 13:48 - 2014-08-26 15:13 - 00000000 ____D () C:\Users\Bluf\Desktop\ZUS 2014 2015
2014-08-26 13:47 - 2014-08-26 13:47 - 00044833 _____ () C:\Users\Bluf\Downloads\fwdpokyny_novkolskrok.zip
2014-08-26 13:36 - 2014-08-26 13:36 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-24 21:09 - 2014-08-24 22:13 - 00000000 ____D () C:\Users\Bluf\Desktop\jessi mala
2014-08-24 11:12 - 2014-08-26 12:09 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-08-24 11:12 - 2014-08-24 11:12 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-08-24 11:11 - 2014-08-26 12:09 - 00000000 ____D () C:\2-click run
2014-08-18 22:35 - 2014-08-18 22:35 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\ACD Systems
2014-08-18 22:32 - 2014-08-18 22:53 - 00000000 ____D () C:\Users\Bluf\AppData\Local\ACD Systems
2014-08-18 22:22 - 2014-08-18 22:22 - 00002171 _____ () C:\Users\Public\Desktop\ACDSee Pro 7 (64-bit).lnk
2014-08-18 22:22 - 2014-08-18 22:22 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-08-18 22:22 - 2014-08-18 22:22 - 00000000 ____D () C:\Program Files\ACD Systems
2014-08-16 10:46 - 2014-08-16 10:47 - 00000000 ____D () C:\Users\Bluf\Desktop\DRAZDIAK
2014-08-13 21:07 - 2014-08-13 21:08 - 00000908 _____ () C:\Windows\SysWOW64\TriceraLog.log
2014-08-13 18:36 - 2014-08-13 18:36 - 00002231 _____ () C:\Users\Bluf\Desktop\GRID_config.xml – zástupce.lnk
2014-08-13 17:35 - 2014-08-13 17:35 - 00000000 ____D () C:\Users\Bluf\AppData\Local\2K Games
2014-08-13 15:05 - 2014-08-13 15:05 - 00000810 _____ () C:\Users\Public\Desktop\Mafia II HD.lnk
2014-08-13 14:53 - 2014-08-13 15:05 - 00000000 ____D () C:\Program Files (x86)\Mafia II HD
2014-08-13 12:45 - 2014-08-13 12:45 - 00921632 _____ () C:\PA207.DAT
2014-08-13 12:28 - 2014-08-13 12:28 - 00035328 _____ () C:\Users\Bluf\Desktop\koncert Kafe Band Lisztova zahrada.xls
2014-08-13 00:03 - 2014-08-26 11:36 - 00003926 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-13 00:01 - 2014-08-13 00:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-02 09:27 - 2014-08-02 09:27 - 00036034 _____ () C:\Users\Bluf\Desktop\videa.m3u
2014-08-01 17:20 - 2014-08-01 17:26 - 00000000 ____D () C:\Users\Bluf\Desktop\VIDS
2014-08-01 15:48 - 2014-08-01 15:52 - 00000000 ____D () C:\Users\Bluf\Documents\Assetto Corsa
2014-08-01 15:19 - 2014-08-01 15:19 - 00001297 _____ () C:\Users\Bluf\Desktop\Assetto Corsa.lnk
2014-08-01 15:08 - 2014-08-01 15:08 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom
2014-08-01 09:13 - 2014-08-13 08:44 - 00004092 _____ () C:\Windows\PFRO.log
2014-08-01 00:29 - 2014-08-01 00:30 - 00018435 _____ () C:\Windows\DirectX.log
2014-08-01 00:27 - 2014-08-01 00:27 - 00001655 _____ () C:\Users\Public\Desktop\GRID - Autosport.lnk
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Abelssoft
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Users\Bluf\AppData\Local\Abelssoft
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-07-31 20:16 - 2014-07-31 20:16 - 00000994 _____ () C:\Users\Public\Desktop\mp3cutter.lnk
2014-07-31 20:16 - 2014-07-31 20:16 - 00000000 ____D () C:\Program Files (x86)\mp3cutter
2014-07-31 14:43 - 2014-07-31 14:43 - 00000939 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-07-31 14:42 - 2014-08-26 12:09 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Winamp
2014-07-31 14:42 - 2014-07-31 14:43 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-28 22:40 - 2014-07-28 22:40 - 00024272 _____ () C:\Users\Bluf\Documents\Durdina.veg
2014-07-28 22:33 - 2014-07-28 22:33 - 49946450 _____ () C:\Users\Bluf\Desktop\posledny track.wav
2014-07-28 22:33 - 2014-07-28 22:33 - 00390272 _____ () C:\Users\Bluf\Desktop\posledny track.sfk
2014-07-28 12:07 - 2014-08-12 19:03 - 00000000 ____D () C:\Users\Bluf\Desktop\Durdina
==================== One Month Modified Files and Folders =======
2014-08-26 19:33 - 2014-08-26 19:33 - 00020818 _____ () C:\Users\Bluf\Desktop\FRST.txt
2014-08-26 19:33 - 2014-08-26 19:32 - 00000000 ____D () C:\FRST
2014-08-26 19:33 - 2014-06-28 10:26 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\uTorrent
2014-08-26 19:22 - 2014-06-21 15:17 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cef331361201fb.job
2014-08-26 15:22 - 2014-06-21 15:17 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef33134a7491b.job
2014-08-26 15:13 - 2014-08-26 13:48 - 00000000 ____D () C:\Users\Bluf\Desktop\ZUS 2014 2015
2014-08-26 13:47 - 2014-08-26 13:47 - 00044833 _____ () C:\Users\Bluf\Downloads\fwdpokyny_novkolskrok.zip
2014-08-26 13:36 - 2014-08-26 13:36 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-26 13:36 - 2013-01-01 23:09 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-26 12:09 - 2014-08-24 11:12 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-08-26 12:09 - 2014-08-24 11:11 - 00000000 ____D () C:\2-click run
2014-08-26 12:09 - 2014-07-31 14:42 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Winamp
2014-08-26 12:09 - 2012-12-30 22:37 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Skype
2014-08-26 12:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-26 11:37 - 2014-03-20 16:33 - 00001937 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-26 11:36 - 2014-08-13 00:03 - 00003926 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-26 11:35 - 2013-11-15 15:55 - 01486796 _____ () C:\Windows\WindowsUpdate.log
2014-08-26 11:28 - 2012-12-23 12:32 - 00000000 ____D () C:\Users\Bluf
2014-08-26 11:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-26 11:27 - 2014-06-27 12:52 - 00005736 _____ () C:\Windows\setupact.log
2014-08-24 22:13 - 2014-08-24 21:09 - 00000000 ____D () C:\Users\Bluf\Desktop\jessi mala
2014-08-24 11:12 - 2014-08-24 11:12 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2014-08-19 01:09 - 2014-07-26 11:39 - 00000693 ___SH () C:\Windows\SysWOW64\win_fldb_sys.dat
2014-08-18 23:08 - 2013-01-22 19:38 - 00000000 ____D () C:\Users\Bluf\AppData\Local\CrashDumps
2014-08-18 22:53 - 2014-08-18 22:32 - 00000000 ____D () C:\Users\Bluf\AppData\Local\ACD Systems
2014-08-18 22:48 - 2014-04-04 12:13 - 00011781 ___SH () C:\Windows\SysWOW64\win_flfiles_sys.dat
2014-08-18 22:48 - 2014-04-04 12:13 - 00003465 ___SH () C:\Windows\SysWOW64\win_stlthdb_sys.dat
2014-08-18 22:35 - 2014-08-18 22:35 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\ACD Systems
2014-08-18 22:22 - 2014-08-18 22:22 - 00002171 _____ () C:\Users\Public\Desktop\ACDSee Pro 7 (64-bit).lnk
2014-08-18 22:22 - 2014-08-18 22:22 - 00000000 ____D () C:\ProgramData\ACD Systems
2014-08-18 22:22 - 2014-08-18 22:22 - 00000000 ____D () C:\Program Files\ACD Systems
2014-08-18 22:22 - 2013-04-05 00:27 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-08-18 22:20 - 2012-12-26 15:25 - 00000000 ____D () C:\Users\Bluf\AppData\Local\Downloaded Installations
2014-08-17 15:51 - 2009-07-14 17:18 - 00668866 _____ () C:\Windows\system32\perfh005.dat
2014-08-17 15:51 - 2009-07-14 17:18 - 00141526 _____ () C:\Windows\system32\perfc005.dat
2014-08-17 15:51 - 2009-07-14 07:13 - 01584554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-16 10:47 - 2014-08-16 10:46 - 00000000 ____D () C:\Users\Bluf\Desktop\DRAZDIAK
2014-08-13 21:08 - 2014-08-13 21:07 - 00000908 _____ () C:\Windows\SysWOW64\TriceraLog.log
2014-08-13 21:07 - 2012-12-28 22:57 - 00000000 ____D () C:\TriKaraoke
2014-08-13 18:36 - 2014-08-13 18:36 - 00002231 _____ () C:\Users\Bluf\Desktop\GRID_config.xml – zástupce.lnk
2014-08-13 18:10 - 2014-03-20 16:33 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-13 17:35 - 2014-08-13 17:35 - 00000000 ____D () C:\Users\Bluf\AppData\Local\2K Games
2014-08-13 15:05 - 2014-08-13 15:05 - 00000810 _____ () C:\Users\Public\Desktop\Mafia II HD.lnk
2014-08-13 15:05 - 2014-08-13 14:53 - 00000000 ____D () C:\Program Files (x86)\Mafia II HD
2014-08-13 12:45 - 2014-08-13 12:45 - 00921632 _____ () C:\PA207.DAT
2014-08-13 12:28 - 2014-08-13 12:28 - 00035328 _____ () C:\Users\Bluf\Desktop\koncert Kafe Band Lisztova zahrada.xls
2014-08-13 12:08 - 2009-07-14 04:34 - 00000446 _____ () C:\Windows\win.ini
2014-08-13 08:44 - 2014-08-01 09:13 - 00004092 _____ () C:\Windows\PFRO.log
2014-08-13 02:16 - 2009-07-14 06:45 - 00025760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 02:16 - 2009-07-14 06:45 - 00025760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 00:02 - 2014-05-30 13:00 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-08-13 00:02 - 2014-05-30 13:00 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-13 00:02 - 2014-05-30 12:59 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-13 00:02 - 2014-05-30 12:58 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-08-13 00:02 - 2014-05-30 12:58 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-13 00:02 - 2014-05-30 12:58 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-13 00:02 - 2014-05-30 12:58 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-13 00:02 - 2014-03-20 16:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-13 00:01 - 2014-08-13 00:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-12 19:03 - 2014-07-28 12:07 - 00000000 ____D () C:\Users\Bluf\Desktop\Durdina
2014-08-11 17:24 - 2014-04-10 11:39 - 00001050 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-08-11 16:55 - 2012-12-30 22:37 - 00000000 ____D () C:\ProgramData\Skype
2014-08-02 09:27 - 2014-08-02 09:27 - 00036034 _____ () C:\Users\Bluf\Desktop\videa.m3u
2014-08-01 17:26 - 2014-08-01 17:20 - 00000000 ____D () C:\Users\Bluf\Desktop\VIDS
2014-08-01 15:52 - 2014-08-01 15:48 - 00000000 ____D () C:\Users\Bluf\Documents\Assetto Corsa
2014-08-01 15:20 - 2014-03-02 22:28 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-01 15:19 - 2014-08-01 15:19 - 00001297 _____ () C:\Users\Bluf\Desktop\Assetto Corsa.lnk
2014-08-01 15:19 - 2012-12-26 20:15 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-01 15:08 - 2014-08-01 15:08 - 00000000 ____D () C:\Program Files (x86)\R.G. Freedom
2014-08-01 15:00 - 2013-02-17 20:30 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Media Player Classic
2014-08-01 09:13 - 2009-07-14 06:45 - 00374112 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-01 00:58 - 2013-05-29 02:00 - 00000000 ____D () C:\ProgramData\Codemasters
2014-08-01 00:58 - 2012-12-29 00:24 - 00000000 ____D () C:\Users\Bluf\Documents\My Games
2014-08-01 00:30 - 2014-08-01 00:29 - 00018435 _____ () C:\Windows\DirectX.log
2014-08-01 00:27 - 2014-08-01 00:27 - 00001655 _____ () C:\Users\Public\Desktop\GRID - Autosport.lnk
2014-07-31 23:22 - 2013-11-23 23:50 - 00000000 ____D () C:\Hry
2014-07-31 20:46 - 2014-03-22 14:26 - 00000000 ____D () C:\Users\Bluf\Desktop\Beginning Jazz Guitar (Book & Tracks)
2014-07-31 20:27 - 2012-12-23 13:02 - 00100736 _____ () C:\Users\Bluf\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Users\Bluf\AppData\Roaming\Abelssoft
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Users\Bluf\AppData\Local\Abelssoft
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-07-31 20:16 - 2014-07-31 20:16 - 00000994 _____ () C:\Users\Public\Desktop\mp3cutter.lnk
2014-07-31 20:16 - 2014-07-31 20:16 - 00000000 ____D () C:\Program Files (x86)\mp3cutter
2014-07-31 14:43 - 2014-07-31 14:43 - 00000939 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-07-31 14:43 - 2014-07-31 14:42 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-29 02:10 - 2013-02-17 23:34 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2014-07-28 22:40 - 2014-07-28 22:40 - 00024272 _____ () C:\Users\Bluf\Documents\Durdina.veg
2014-07-28 22:33 - 2014-07-28 22:33 - 49946450 _____ () C:\Users\Bluf\Desktop\posledny track.wav
2014-07-28 22:33 - 2014-07-28 22:33 - 00390272 _____ () C:\Users\Bluf\Desktop\posledny track.sfk
2014-07-28 11:54 - 2009-07-14 07:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Some content of TEMP:
====================
C:\Users\Bluf\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp860m40.dll
C:\Users\Bluf\AppData\Local\Temp\nhIMPxhBZPGVfXJdGGVc.DLL
C:\Users\Bluf\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-08-17 00:15
==================== End Of Log ============================
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bluf at 2014-08-26 19:41:29
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (13%) free of 191 GB
Total RAM: 4095 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:31, on 26.8.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\WinFLTray.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files\trend micro\Bluf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WinFLTray] C:\Windows\SysWow64\WinFLTray.exe
O4 - HKCU\..\Run: [FLBackup] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLService - New Softwares.net - C:\Windows\SysWow64\WinFLService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 5870 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWow64\WinFLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\System32\JulaPAN.exe"
"C:\Windows\PixArt\Pac207\Monitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Windows\SysWOW64\WinFLTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"taskhost.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe100_ Global\UsGthrCtrlFltPipeMssGthrPipe100 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\Bluf\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cef33134a7491b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cef331361201fb.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "https://mail.google.com/mail/u/0/?tab=wm#inbox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Sibelius.com/Scorch Plugin,version=6.2.0.88]
"Description"=Sibelius Scorch Plugin
"Path"=C:\Program Files (x86)\Sibelius Software\Scorch\npsibelius.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
NPSibelius.dll
PDFNetC.dll
ScorchAxPlugin.dll
ScorchPDFWrapper.dll
C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\extensions\
plugin2@gameplaylabs.com
{37964A3C-4EE8-47b1-8321-34DE2C39BA4D}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{e001c731-5e37-4538-a5cb-8168736a2360}
C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\searchplugins\
delta.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-08-13 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-08-13 457712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"JulaPAN.exe"=C:\Windows\system32\JulaPAN.exe [2014-02-06 494504]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"ACPW07EN"=C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [2014-03-18 1813832]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe [2014-07-03 1322832]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]
"WinFLTray"=C:\Windows\SysWow64\WinFLTray.exe [2014-04-04 322360]
"FLBackup"=C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [2014-04-04 275768]
"eMuleAutoStart"=C:\Program Files (x86)\eMule\emule.exe [2009-02-22 5668864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioReg]
REGSVR32.EXE /S CTASIO.DLL []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AsioThk32Reg]
REGSVR32.EXE /S CTASIO.DLL []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTxfiHlp]
CTXFIHLP.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eMuleAutoStart]
C:\Program Files (x86)\eMule\emule.exe [2009-02-22 5668864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JulaPAN.exe]
C:\Windows\system32\JulaPAN.exe [2014-02-06 494504]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesAirMessage]
C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-05-28 310064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBAgent]
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21650016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Bluf\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Bluf\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-30 766208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFLTray]
C:\Windows\SysWow64\WinFLTray.exe [2014-04-04 322360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Bluf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Bluf\AppData\Roaming\Dropbox\bin\Dropbox.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Bluf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Start Freenet.lnk]
C:\Users\Bluf\AppData\Local\Freenet\freenet.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-08-13 4085896]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-30 766208]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRkrn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRSVC]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=0
"NoDevMgrUpdate"=0
"NoDeletePrinter"=0
"NoDFSTab"=0
"NoEncryptOnMove"=0
"NoRunasInstallPrompt"=0
"NoResolveSearch"=0
"NoResolveTrack"=0
"NoStartMenuSubFolders"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=0
"NoDevMgrUpdate"=0
"NoDeletePrinter"=0
"NoDFSTab"=0
"NoEncryptOnMove"=0
"NoRunasInstallPrompt"=0
"NoResolveSearch"=0
"NoResolveTrack"=0
"NoStartMenuSubFolders"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"VIDC.FPS1"=frapsv64.dll
"midi3"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"midi4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.ini - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
.js - edit - C:\Windows\System32\Notepad.exe %1
.txt - open - %SystemRoot%\SysWow64\NOTEPAD.EXE %1
======List of files/folders created in the last 1 month======
2014-08-26 19:41:29 ----D---- C:\rsit
2014-08-26 19:32:32 ----D---- C:\FRST
2014-08-24 11:12:15 ----D---- C:\ProgramData\YTD Video Downloader
2014-08-24 11:11:56 ----D---- C:\2-click run
2014-08-18 22:35:41 ----D---- C:\Users\Bluf\AppData\Roaming\ACD Systems
2014-08-18 22:22:46 ----D---- C:\ProgramData\ACD Systems
2014-08-18 22:22:39 ----SHD---- C:\Config.Msi
2014-08-18 22:22:39 ----D---- C:\Program Files\ACD Systems
2014-08-13 14:53:16 ----D---- C:\Program Files (x86)\Mafia II HD
2014-08-13 12:45:07 ----A---- C:\PA207.DAT
2014-08-13 00:01:58 ----A---- C:\Windows\avastSS.scr
2014-08-01 15:08:30 ----D---- C:\Program Files (x86)\R.G. Freedom
2014-07-31 20:17:02 ----D---- C:\Users\Bluf\AppData\Roaming\Abelssoft
2014-07-31 20:17:02 ----D---- C:\ProgramData\XDMessagingv4
2014-07-31 20:16:45 ----D---- C:\Program Files (x86)\mp3cutter
2014-07-31 14:42:30 ----D---- C:\Users\Bluf\AppData\Roaming\Winamp
2014-07-31 14:42:30 ----D---- C:\Program Files (x86)\Winamp
======List of files/folders modified in the last 1 month======
2014-08-26 19:41:31 ----D---- C:\Windows\Prefetch
2014-08-26 19:41:31 ----D---- C:\Program Files\trend micro
2014-08-26 19:41:28 ----D---- C:\Windows\temp
2014-08-26 19:40:28 ----D---- C:\Users\Bluf\AppData\Roaming\uTorrent
2014-08-26 19:34:04 ----D---- C:\Windows
2014-08-26 13:36:08 ----D---- C:\Program Files (x86)\Google
2014-08-26 13:07:06 ----D---- C:\Windows\system32\config
2014-08-26 12:24:25 ----D---- C:\Windows\SysWOW64
2014-08-26 12:16:34 ----D---- C:\Windows\System32
2014-08-26 12:09:20 ----D---- C:\Windows\Tasks
2014-08-26 12:09:20 ----D---- C:\Windows\system32\wfp
2014-08-26 12:09:20 ----D---- C:\Windows\system32\DriverStore
2014-08-26 12:09:20 ----D---- C:\Windows\system32\CodeIntegrity
2014-08-26 12:09:20 ----D---- C:\Windows\system32\catroot2
2014-08-26 12:09:19 ----D---- C:\Windows\inf
2014-08-26 12:09:13 ----D---- C:\Windows\system32\wbem
2014-08-26 12:09:13 ----D---- C:\Windows\registration
2014-08-26 12:09:06 ----D---- C:\Users\Bluf\AppData\Roaming\Skype
2014-08-26 12:09:02 ----D---- C:\ProgramData
2014-08-26 11:39:02 ----SHD---- C:\System Volume Information
2014-08-26 11:36:48 ----D---- C:\Windows\system32\Tasks
2014-08-18 22:23:12 ----SHD---- C:\Windows\Installer
2014-08-18 22:22:42 ----D---- C:\Program Files\Common Files\ACD Systems
2014-08-18 22:22:39 ----D---- C:\Program Files
2014-08-18 21:47:20 ----D---- C:\Program Files (x86)
2014-08-17 15:51:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-08-14 07:35:40 ----D---- C:\Windows\system32\drivers
2014-08-13 21:07:08 ----D---- C:\TriKaraoke
2014-08-13 12:08:14 ----A---- C:\Windows\win.ini
2014-08-13 00:02:02 ----A---- C:\Windows\system32\aswBoot.exe
2014-08-11 16:55:39 ----D---- C:\ProgramData\Skype
2014-08-01 15:20:34 ----D---- C:\ProgramData\Package Cache
2014-08-01 15:19:48 ----D---- C:\Windows\SYSWOW64\directx
2014-08-01 15:00:49 ----D---- C:\Users\Bluf\AppData\Roaming\Media Player Classic
2014-08-01 00:58:38 ----D---- C:\ProgramData\Codemasters
2014-08-01 00:30:11 ----RSD---- C:\Windows\assembly
2014-08-01 00:27:21 ----D---- C:\Windows\Logs
2014-07-31 23:22:24 ----D---- C:\Hry
2014-07-31 20:16:50 ----RSD---- C:\Windows\Fonts
2014-07-31 14:42:45 ----D---- C:\Program Files (x86)\Common Files
2014-07-29 02:10:02 ----D---- C:\Program Files (x86)\The KMPlayer
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-08-13 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-08-13 224896]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-24 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-08-13 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-08-13 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-08-13 427360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-29 283200]
R1 Jula.sys;Service for Juli@ Audio Driver EWDM; C:\Windows\system32\DRIVERS\Jula.sys [2014-02-06 64936]
R1 WinFLAdrv;WinFLAdrv; C:\Windows\SysWOW64\WinFLAdrv.sys [2014-04-04 36384]
R1 wStLibG64;wStLibG64; C:\Windows\system32\drivers\wStLibG64.sys [2014-04-04 61120]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-08-13 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-08-13 79184]
R2 WinVDEDrv;WinVDEDrv; \??\C:\Windows\SysWow64\WinVDEdrv.sys [2014-04-04 225680]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 13207552]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 626176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-07-05 96256]
R3 JulaWDM.sys;Service for Juli@ WDM; C:\Windows\system32\DRIVERS\JulaWDM.sys [2014-02-06 44248]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 572416]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-08-13 92008]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\system32\COMMONFX.DLL [2007-04-12 151296]
S3 cpuz135;cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys []
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\system32\CT20XUT.DLL [2007-04-10 252712]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 580904]
S3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 863016]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\system32\CTAUDFX.DLL [2007-04-10 700200]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\system32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\system32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\system32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\system32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\system32\CTERFXFX.DLL [2007-04-10 142120]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\system32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\system32\CTHWIUT.DLL [2007-04-10 123688]
S3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 17192]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\system32\CTSBLFX.DLL [2007-04-10 681256]
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 290600]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-04-11 110336]
S3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 147752]
S3 GenericMount;Generic Mount Driver; C:\Windows\system32\DRIVERS\GenericMount.sys [2009-09-21 54320]
S3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 1359144]
S3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 259880]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 295208]
S3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 218408]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-04-11 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 344064]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-08-13 50344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 FLService;FLService; C:\Windows\SysWow64\WinFLService.exe [2014-04-04 92984]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-08-06 5052224]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-02-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-30 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-24 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.25.2
Run by Bluf at 19:51:21 on 2014-08-26
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2584 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWow64\WinFLService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\JulaPAN.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\WinFLTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Windows\SysWow64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.sk/
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
uRun: [uTorrent] "C:\Users\Bluf\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [WinFLTray] C:\Windows\SysWow64\WinFLTray.exe
uRun: [FLBackup] C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
uRun: [eMuleAutoStart] C:\Program Files (x86)\eMule\emule.exe -AutoStart
mRun: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 213.151.222.34 192.168.0.1
TCP: Interfaces\{6AEAA361-DFC6-48E7-9F67-EFDD97180346} : DHCPNameServer = 213.151.222.34 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll
x64-Run: [JulaPAN.exe] JulaPAN.exe
x64-Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
x64-Run: [ACPW07EN] "C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe"
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Profiles\sw7wvqxd.default\
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/u/0/?tab=wm#inbox
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Sibelius Software\Scorch\NPSibelius.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2013-05-28 15:13; hotfix@mozilla.org; C:\Users\Bluf\AppData\Roaming\Mozilla\Firefox\Extensions\MozillaHotfix
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - c4027ad6000000000000002618f051ff
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15878
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.518:06:47
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - cs
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=122471&tt=180613_ndt5&tsp=4921
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
user_pref(extensions.autoDisableScopes,14);
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-5-30 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-5-30 224896]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-5-30 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-3-20 427360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-29 283200]
R1 Jula.sys;Service for Juli@ Audio Driver EWDM;C:\Windows\System32\drivers\Jula.sys [2014-6-17 64936]
R1 wStLibG64;wStLibG64;C:\Windows\System32\drivers\wStLibG64.sys [2014-4-4 61120]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-8-30 344064]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-30 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-3-20 79184]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-8-13 50344]
R2 FLService;FLService;C:\Windows\SysWOW64\WinFLService.exe [2014-4-4 92984]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-4-10 5052224]
R2 WinVDEDrv;WinVDEDrv;C:\Windows\SysWOW64\WinVDEdrv.sys [2014-4-4 225680]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-12-26 46136]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-7-5 96256]
R3 JulaWDM.sys;Service for Juli@ WDM;C:\Windows\System32\drivers\JulaWDM.sys [2014-6-17 44248]
R3 PAC207;SoC PC-Camera;C:\Windows\System32\drivers\PFC027.SYS [2006-12-5 572416]
R3 RTL8167;Ovladač Realtek 8167 NT;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-11-20 57512]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-5-30 92008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2013-2-27 33872]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-6-15 110336]
S3 GenericMount;Generic Mount Driver;C:\Windows\System32\drivers\GenericMount.sys [2009-9-21 54320]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2013-4-27 31800]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-6-15 206080]
S3 StorSvc;Služba úložiště;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-27 59392]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-25 1255736]
S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\Windows\System32\drivers\ymidusbx64.sys [2011-11-1 51016]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .vbs: VBSFile=C:\Windows\System32\WScript.exe "%1" %* [UserChoice]
.
=============== Created Last 30 ================
.
2014-08-26 17:32:32 -------- d-----w- C:\FRST
2014-08-26 09:28:52 10779000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CFB4AF3F-DE27-4557-A6E0-36FCAD58A27A}\mpengine.dll
2014-08-24 09:12:15 -------- d-----w- C:\ProgramData\YTD Video Downloader
2014-08-24 09:11:56 -------- d-----w- C:\2-click run
2014-08-18 20:35:41 -------- d-----w- C:\Users\Bluf\AppData\Roaming\ACD Systems
2014-08-18 20:32:26 -------- d-----w- C:\Users\Bluf\AppData\Local\ACD Systems
2014-08-18 20:22:46 -------- d-----w- C:\ProgramData\ACD Systems
2014-08-18 20:22:39 -------- d-----w- C:\Program Files\ACD Systems
2014-08-13 15:35:22 -------- d-----w- C:\Users\Bluf\AppData\Local\2K Games
2014-08-13 12:53:16 -------- d-----w- C:\Program Files (x86)\Mafia II HD
2014-08-12 22:01:58 43152 ----a-w- C:\Windows\avastSS.scr
2014-08-01 13:08:30 -------- d-----w- C:\Program Files (x86)\R.G. Freedom
2014-07-31 18:17:02 -------- d-----w- C:\Users\Bluf\AppData\Roaming\Abelssoft
2014-07-31 18:17:02 -------- d-----w- C:\ProgramData\XDMessagingv4
2014-07-31 18:17:01 -------- d-----w- C:\Users\Bluf\AppData\Local\Abelssoft
2014-07-31 18:16:45 -------- d-----w- C:\Program Files (x86)\mp3cutter
2014-07-31 12:42:45 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
.
==================== Find3M ====================
.
2014-08-12 22:02:05 92008 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-08-12 22:02:04 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-08-12 22:02:04 1041168 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-08-12 22:02:03 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-08-12 22:02:03 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-08-12 22:02:02 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-08-12 22:02:01 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-07-11 14:30:41 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-11 14:30:41 699056 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-17 18:33:53 1192387 ----a-w- C:\Windows\unins000.exe
.
============= FINISH: 19:52:49,32 ===============