prosím o kontrolu pomalé pc
Napsal: 22 lis 2014 14:39
Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdenek at 2014-11-22 14:30:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 1 GB (4%) free of 33 GB
Total RAM: 1913 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:57, on 22.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Alwil Software\Avast4\aswDisp.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Zdenek\Desktop\RSIT.exe
C:\Program Files\trend micro\Zdenek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\aswDisp.exe"
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [dc78ab48b43f38633703afb7dece9864]
C:\Users\Zdenek\AppData\Local\Temp\lsm.exe
..
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [dc78ab48b43f38633703afb7dece9864]
C:\Users\Zdenek\AppData\Local\Temp\lsm.exe
..
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! NetAgent - ALWIL Software - C:\Program Files\Alwil Software\Avast4\AvAgent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: MaintainerSvc3.35.6688013 - Unknown owner - C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Update snipsmart - Unknown owner - C:\Program Files\snipsmart\updatesnipsmart.exe (file missing)
--
End of file - 4995 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Zdenek\AppData\Roaming\Mozilla\Firefox\Profiles\o7dzqni1.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
C:\Users\Zdenek\AppData\Roaming\Mozilla\Firefox\Profiles\o7dzqni1.default\extensions\
45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com
check-compatibility@dactyl.googlecode.com
warnerroberts@hotmail.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll [2010-03-09 699904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-21 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-21 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-21 151064]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2009-08-11 2446648]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-03-29 184320]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"avast!"=C:\Program Files\Alwil Software\Avast4\aswDisp.exe [2010-02-18 81000]
"reset"=regedit /s reset.reg []
"dc78ab48b43f38633703afb7dece9864"=
C:\Users\Zdenek\AppData\Local\Temp\lsm.exe
.. []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"YTDownloader"=C:\Program Files\YTDownloader\YTDownloader.exe /boot []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"dc78ab48b43f38633703afb7dece9864"=
C:\Users\Zdenek\AppData\Local\Temp\lsm.exe
.. []
"YTDownloader"=C:\Program Files\YTDownloader\YTDownloader.exe /boot []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-13 217088]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-22 14:30:14 ----D---- C:\rsit
2014-11-22 14:30:14 ----D---- C:\Program Files\trend micro
2014-11-22 14:18:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-11-22 14:18:35 ----D---- C:\Program Files\Mozilla Firefox
2014-11-22 12:52:08 ----ASH---- C:\pagefile.sys
2014-11-19 19:52:10 ----D---- C:\Windows\rescache
2014-11-19 14:14:15 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 14:14:06 ----A---- C:\Windows\system32\kerberos.dll
2014-11-12 15:00:49 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 15:00:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 15:00:24 ----A---- C:\Windows\system32\msi.dll
2014-11-12 14:59:53 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 14:59:52 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 14:59:51 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 14:59:50 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 14:59:50 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 14:59:50 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 14:59:49 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 14:59:47 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 14:59:37 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 14:59:37 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 14:59:36 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 14:59:36 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 14:59:36 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 14:59:35 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 14:59:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 14:59:18 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 14:59:17 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 14:59:15 ----A---- C:\Windows\system32\packager.dll
2014-11-12 14:59:10 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 14:59:09 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 14:59:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 14:59:07 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 14:59:06 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 14:58:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 14:58:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 14:58:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 14:58:37 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 14:58:37 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 14:58:37 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 14:58:36 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 14:58:36 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 14:58:34 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 14:58:34 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 14:58:34 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 14:58:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 14:58:33 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 14:58:33 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 14:58:31 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 14:58:30 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 14:58:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 14:58:29 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 14:58:27 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 14:58:27 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 14:58:21 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 14:58:20 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 14:58:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 14:58:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 14:58:17 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 14:58:12 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 14:58:10 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 14:58:07 ----A---- C:\Windows\system32\jscript9.dll
2014-11-07 14:48:50 ----D---- C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65
2014-11-07 14:18:47 ----A---- C:\Windows\system32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw.sys
2014-11-07 13:13:47 ----A---- C:\Users\Zdenek\AppData\Roaming\PJRNP.exe
2014-11-07 13:12:46 ----A---- C:\Users\Zdenek\AppData\Roaming\MTRJQDC.exe
2014-11-07 13:12:31 ----D---- C:\Program Files\globalUpdate
2014-10-26 23:40:23 ----D---- C:\Users\Zdenek\AppData\Roaming\BeautyPilot
======List of files/folders modified in the last 1 month======
2014-11-22 14:30:26 ----D---- C:\Windows\Prefetch
2014-11-22 14:30:16 ----D---- C:\Windows\Temp
2014-11-22 14:30:14 ----D---- C:\Program Files
2014-11-22 14:22:09 ----D---- C:\Windows\System32
2014-11-22 14:22:09 ----D---- C:\Windows\inf
2014-11-22 14:22:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-22 14:19:46 ----D---- C:\Windows\system32\config
2014-11-22 13:12:38 ----D---- C:\Users\Zdenek\AppData\Roaming\Flashmedia
2014-11-22 12:29:05 ----D---- C:\Program Files\Google
2014-11-22 12:29:04 ----D---- C:\Windows\system32\Tasks
2014-11-22 12:29:02 ----D---- C:\Windows\Tasks
2014-11-22 12:29:01 ----SHD---- C:\Windows\Installer
2014-11-20 21:19:07 ----SHD---- C:\System Volume Information
2014-11-20 17:42:45 ----D---- C:\Windows\system32\NDF
2014-11-20 07:16:38 ----D---- C:\Windows\winsxs
2014-11-19 19:52:10 ----D---- C:\Windows
2014-11-19 14:13:10 ----D---- C:\Windows\system32\catroot2
2014-11-19 14:13:10 ----D---- C:\Windows\system32\catroot
2014-11-19 07:38:03 ----D---- C:\Windows\Microsoft.NET
2014-11-19 07:17:54 ----RSD---- C:\Windows\assembly
2014-11-19 07:10:35 ----D---- C:\Windows\system32\cs-CZ
2014-11-18 23:03:12 ----D---- C:\ProgramData\Microsoft Help
2014-11-18 23:01:35 ----SD---- C:\Windows\system32\CompatTel
2014-11-17 20:19:30 ----D---- C:\Windows\system32\en-US
2014-11-17 20:19:30 ----D---- C:\Windows\system32\drivers
2014-11-17 20:19:29 ----D---- C:\Program Files\Internet Explorer
2014-11-13 16:47:10 ----D---- C:\Windows\system32\MRT
2014-11-13 16:47:06 ----A---- C:\Windows\system32\MRT.exe
2014-11-08 18:02:00 ----HD---- C:\ProgramData
2014-11-08 18:01:58 ----HD---- C:\Windows\system32\GroupPolicy
2014-11-08 18:00:55 ----D---- C:\Program Files\Alwil Software
2014-11-08 17:33:17 ----A---- C:\Windows\win.ini
2014-11-07 13:09:44 ----D---- C:\Program Files\Common Files\System
2014-11-07 11:23:07 ----D---- C:\Windows\system32\DriverStore
2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-26 20:13:50 ----D---- C:\Windows\system32\wdi
2014-10-25 15:33:25 ----D---- C:\Program Files\Common Files\Adobe
2014-10-25 15:30:01 ----D---- C:\Program Files\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 {123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw;{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw; C:\Windows\system32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw.sys [2014-11-06 43152]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-29 24184]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-09-07 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-09-15 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-09-15 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-06 166448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-21 1218048]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\system32\DRIVERS\ATSwpWDF.sys [2012-10-18 971752]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-08-13 5946368]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2014-07-29 47360]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! NetAgent;avast! NetAgent; C:\Program Files\Alwil Software\Avast4\AvAgent.exe [2010-02-18 52160]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 MaintainerSvc3.35.6688013;MaintainerSvc3.35.6688013; C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe [2014-11-22 123632]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 Update snipsmart;Update snipsmart; C:\Program Files\snipsmart\updatesnipsmart.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-14 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-29 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\F
Run by Zdenek at 2014-11-22 14:30:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 1 GB (4%) free of 33 GB
Total RAM: 1913 MB (72% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:57, on 22.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Alwil Software\Avast4\aswDisp.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\conhost.exe
C:\totalcmd\TOTALCMD.EXE
C:\Users\Zdenek\Desktop\RSIT.exe
C:\Program Files\trend micro\Zdenek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\aswDisp.exe"
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [dc78ab48b43f38633703afb7dece9864]
C:\Users\Zdenek\AppData\Local\Temp\lsm.exe
..
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [dc78ab48b43f38633703afb7dece9864]
C:\Users\Zdenek\AppData\Local\Temp\lsm.exe
..
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files\YTDownloader\YTDownloader.exe" /boot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! NetAgent - ALWIL Software - C:\Program Files\Alwil Software\Avast4\AvAgent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: MaintainerSvc3.35.6688013 - Unknown owner - C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Update snipsmart - Unknown owner - C:\Program Files\snipsmart\updatesnipsmart.exe (file missing)
--
End of file - 4995 bytes
=========Mozilla firefox=========
ProfilePath - C:\Users\Zdenek\AppData\Roaming\Mozilla\Firefox\Profiles\o7dzqni1.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.145 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
C:\Users\Zdenek\AppData\Roaming\Mozilla\Firefox\Profiles\o7dzqni1.default\extensions\
45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com
check-compatibility@dactyl.googlecode.com
warnerroberts@hotmail.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
SimpleAdblock Class - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll [2010-03-09 699904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-21 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-21 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-21 151064]
"TWebCamera"=C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2009-08-11 2446648]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2009-03-29 184320]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"avast!"=C:\Program Files\Alwil Software\Avast4\aswDisp.exe [2010-02-18 81000]
"reset"=regedit /s reset.reg []
"dc78ab48b43f38633703afb7dece9864"=
C:\Users\Zdenek\AppData\Local\Temp\lsm.exe
.. []
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2021400]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]
"YTDownloader"=C:\Program Files\YTDownloader\YTDownloader.exe /boot []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"dc78ab48b43f38633703afb7dece9864"=
C:\Users\Zdenek\AppData\Local\Temp\lsm.exe
.. []
"YTDownloader"=C:\Program Files\YTDownloader\YTDownloader.exe /boot []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-13 217088]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-22 14:30:14 ----D---- C:\rsit
2014-11-22 14:30:14 ----D---- C:\Program Files\trend micro
2014-11-22 14:18:37 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-11-22 14:18:35 ----D---- C:\Program Files\Mozilla Firefox
2014-11-22 12:52:08 ----ASH---- C:\pagefile.sys
2014-11-19 19:52:10 ----D---- C:\Windows\rescache
2014-11-19 14:14:15 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 14:14:06 ----A---- C:\Windows\system32\kerberos.dll
2014-11-12 15:00:49 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 15:00:32 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 15:00:24 ----A---- C:\Windows\system32\msi.dll
2014-11-12 14:59:53 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 14:59:52 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 14:59:51 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 14:59:50 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 14:59:50 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 14:59:50 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 14:59:49 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 14:59:47 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 14:59:37 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 14:59:37 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 14:59:36 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 14:59:36 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 14:59:36 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 14:59:35 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 14:59:19 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 14:59:18 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 14:59:17 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 14:59:15 ----A---- C:\Windows\system32\packager.dll
2014-11-12 14:59:10 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 14:59:09 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 14:59:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 14:59:07 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 14:59:06 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 14:58:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 14:58:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 14:58:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 14:58:37 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 14:58:37 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 14:58:37 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 14:58:36 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 14:58:36 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 14:58:34 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 14:58:34 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 14:58:34 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 14:58:33 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 14:58:33 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 14:58:33 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 14:58:31 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 14:58:30 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 14:58:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 14:58:29 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 14:58:27 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 14:58:27 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 14:58:21 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 14:58:20 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 14:58:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 14:58:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 14:58:17 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 14:58:12 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 14:58:10 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 14:58:07 ----A---- C:\Windows\system32\jscript9.dll
2014-11-07 14:48:50 ----D---- C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65
2014-11-07 14:18:47 ----A---- C:\Windows\system32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw.sys
2014-11-07 13:13:47 ----A---- C:\Users\Zdenek\AppData\Roaming\PJRNP.exe
2014-11-07 13:12:46 ----A---- C:\Users\Zdenek\AppData\Roaming\MTRJQDC.exe
2014-11-07 13:12:31 ----D---- C:\Program Files\globalUpdate
2014-10-26 23:40:23 ----D---- C:\Users\Zdenek\AppData\Roaming\BeautyPilot
======List of files/folders modified in the last 1 month======
2014-11-22 14:30:26 ----D---- C:\Windows\Prefetch
2014-11-22 14:30:16 ----D---- C:\Windows\Temp
2014-11-22 14:30:14 ----D---- C:\Program Files
2014-11-22 14:22:09 ----D---- C:\Windows\System32
2014-11-22 14:22:09 ----D---- C:\Windows\inf
2014-11-22 14:22:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-22 14:19:46 ----D---- C:\Windows\system32\config
2014-11-22 13:12:38 ----D---- C:\Users\Zdenek\AppData\Roaming\Flashmedia
2014-11-22 12:29:05 ----D---- C:\Program Files\Google
2014-11-22 12:29:04 ----D---- C:\Windows\system32\Tasks
2014-11-22 12:29:02 ----D---- C:\Windows\Tasks
2014-11-22 12:29:01 ----SHD---- C:\Windows\Installer
2014-11-20 21:19:07 ----SHD---- C:\System Volume Information
2014-11-20 17:42:45 ----D---- C:\Windows\system32\NDF
2014-11-20 07:16:38 ----D---- C:\Windows\winsxs
2014-11-19 19:52:10 ----D---- C:\Windows
2014-11-19 14:13:10 ----D---- C:\Windows\system32\catroot2
2014-11-19 14:13:10 ----D---- C:\Windows\system32\catroot
2014-11-19 07:38:03 ----D---- C:\Windows\Microsoft.NET
2014-11-19 07:17:54 ----RSD---- C:\Windows\assembly
2014-11-19 07:10:35 ----D---- C:\Windows\system32\cs-CZ
2014-11-18 23:03:12 ----D---- C:\ProgramData\Microsoft Help
2014-11-18 23:01:35 ----SD---- C:\Windows\system32\CompatTel
2014-11-17 20:19:30 ----D---- C:\Windows\system32\en-US
2014-11-17 20:19:30 ----D---- C:\Windows\system32\drivers
2014-11-17 20:19:29 ----D---- C:\Program Files\Internet Explorer
2014-11-13 16:47:10 ----D---- C:\Windows\system32\MRT
2014-11-13 16:47:06 ----A---- C:\Windows\system32\MRT.exe
2014-11-08 18:02:00 ----HD---- C:\ProgramData
2014-11-08 18:01:58 ----HD---- C:\Windows\system32\GroupPolicy
2014-11-08 18:00:55 ----D---- C:\Program Files\Alwil Software
2014-11-08 17:33:17 ----A---- C:\Windows\win.ini
2014-11-07 13:09:44 ----D---- C:\Program Files\Common Files\System
2014-11-07 11:23:07 ----D---- C:\Windows\system32\DriverStore
2014-11-04 14:30:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-26 20:13:50 ----D---- C:\Windows\system32\wdi
2014-10-25 15:33:25 ----D---- C:\Program Files\Common Files\Adobe
2014-10-25 15:30:01 ----D---- C:\Program Files\Adobe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 {123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw;{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw; C:\Windows\system32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw.sys [2014-11-06 43152]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-29 24184]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-09-07 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-09-15 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-09-15 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-02-06 166448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-21 1218048]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver; C:\Windows\system32\DRIVERS\ATSwpWDF.sys [2012-10-18 971752]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6232.sys [2009-06-12 221912]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33096]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-08-13 5946368]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2014-07-29 47360]
R3 PGEffect;Pangu effect driver; C:\Windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! NetAgent;avast! NetAgent; C:\Program Files\Alwil Software\Avast4\AvAgent.exe [2010-02-18 52160]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-02-06 727720]
R2 MaintainerSvc3.35.6688013;MaintainerSvc3.35.6688013; C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe [2014-11-22 123632]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 Update snipsmart;Update snipsmart; C:\Program Files\snipsmart\updatesnipsmart.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 20680]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 102912]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-14 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-29 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\F
Co udelame s tim nelegalnim ESET Smart Security???