
cmd.exe keeps launching constantly
Please help: the command prompt keeps launching, about a hundred times a minute, and nothing can be done about it. I had to start the laptop in safe mode.
RSIT log
Logfile of random's system information tool 1.10 (written by random/random)
Run by Terezka at 2015-08-04 20:38:03
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 67 GB (66%) free of 101 GB
Total RAM: 2288 MB (63% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-28 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll [2015-01-02 3627032]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-16 5227648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc]
C:\Users\Terezka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-04-07 144008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Extensions]
C:\Users\Terezka\AppData\Roaming\BrowserExtensions\CouponsHelper.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeFilterMerit]
C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_C8B0415DA6BBBCD7E2ED3B9457CDC38A]
C:\Program Files\Google\Chrome\Application\chrome.exe [2015-07-25 813896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Presto! PVR Monitor]
C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2009-07-07 161616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]
C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-24 2274600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2015-01-02 2640408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\385C9A~1.150\SSSCHE~1.EXE [2014-04-09 279456]
C:\Users\Terezka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
inet32g.exe
winupd32c.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-04 20:38:04 ----D---- C:\Program Files\trend micro
2015-08-04 20:38:03 ----D---- C:\rsit
2015-08-04 18:19:17 ----A---- C:\Windows\ntbtlog.txt
2015-08-04 18:07:39 ----A---- C:\Windows\system32\PerfStringBackup.TMP
2015-08-04 18:05:40 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-08-04 18:05:04 ----D---- C:\ProgramData\Malwarebytes
2015-08-04 18:05:04 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wucltux.dll
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuapp.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups2.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wudriver.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuapi.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-04 14:07:44 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-04 14:07:34 ----A---- C:\Windows\system32\urlmon.dll
2015-08-04 14:07:32 ----A---- C:\Windows\system32\ieui.dll
2015-08-04 14:07:31 ----A---- C:\Windows\system32\ieframe.dll
2015-08-04 14:07:25 ----A---- C:\Windows\system32\mshtml.dll
2015-08-04 14:07:22 ----A---- C:\Windows\system32\iertutil.dll
2015-08-04 14:06:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-04 14:06:49 ----A---- C:\Windows\system32\iernonce.dll
2015-08-04 14:06:49 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-04 14:06:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-04 14:06:47 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-04 14:06:42 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-04 14:06:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-04 14:06:41 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\msrating.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\iesetup.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\wininet.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-04 14:06:29 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-04 14:06:20 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-04 14:06:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-04 14:06:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-04 14:06:06 ----A---- C:\Windows\system32\jscript.dll
2015-08-04 14:06:05 ----A---- C:\Windows\system32\vbscript.dll
2015-08-04 14:05:11 ----A---- C:\Windows\system32\generaltel.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\devinv.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\appraiser.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\acmigration.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\invagent.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\aeinv.dll
2015-08-04 14:05:04 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-04 14:05:04 ----A---- C:\Windows\system32\aepdu.dll
2015-08-04 14:05:02 ----A---- C:\Windows\system32\win32k.sys
2015-08-04 14:04:49 ----A---- C:\Windows\system32\kerberos.dll
2015-08-04 14:04:49 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-04 14:04:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-04 14:04:45 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-04 14:04:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-04 14:04:43 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\schannel.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\wdigest.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\lsass.exe
2015-08-04 14:04:42 ----A---- C:\Windows\system32\auditpol.exe
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspicli.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\secur32.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\msaudite.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\credssp.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\adtschema.dll
2015-08-04 14:04:40 ----A---- C:\Windows\system32\msobjs.dll
2015-08-04 14:04:09 ----A---- C:\Windows\system32\msi.dll
2015-08-04 14:04:08 ----A---- C:\Windows\system32\consent.exe
2015-08-04 14:04:08 ----A---- C:\Windows\system32\authui.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msihnd.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msiexec.exe
2015-08-04 14:04:07 ----A---- C:\Windows\system32\appinfo.dll
2015-08-04 14:04:06 ----A---- C:\Windows\system32\msimsg.dll
2015-08-04 14:03:25 ----A---- C:\Windows\system32\ole32.dll
2015-08-04 14:02:48 ----A---- C:\Windows\system32\gdi32.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmlib.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmfd.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\lpk.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\fontsub.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\dciman32.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\cryptsvc.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\crypt32.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\wintrust.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\cryptnet.dll
2015-08-04 13:55:18 ----A---- C:\Windows\system32\rdpcorets.dll
2015-08-04 13:55:17 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-08-04 13:55:14 ----A---- C:\Windows\system32\cewmdm.dll
2015-08-04 13:55:12 ----A---- C:\Windows\system32\jscript9.dll
2015-08-04 13:55:10 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-04 09:06:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-08-02 18:56:14 ----D---- C:\Users\Terezka\AppData\Roaming\Skype
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files\Skype
2015-08-02 18:55:52 ----RD---- C:\Program Files\Skype
2015-08-02 18:55:43 ----D---- C:\ProgramData\Skype
2015-08-01 09:42:44 ----D---- C:\Program Files\Common Files\AV
2015-07-11 04:33:46 ----A---- C:\Windows\system32\GPhotos.scr
2015-07-07 17:10:22 ----N---- C:\Windows\system32\stapi32.dll
======List of files/folders modified in the last 1 month======
2015-08-04 20:38:04 ----D---- C:\Program Files
2015-08-04 20:37:40 ----D---- C:\Windows\Temp
2015-08-04 18:48:43 ----D---- C:\Windows\system32\drivers
2015-08-04 18:47:56 ----D---- C:\Users\Terezka\AppData\Roaming\BrowserExtensions
2015-08-04 18:37:07 ----D---- C:\Windows\System32
2015-08-04 18:37:07 ----D---- C:\Windows\inf
2015-08-04 18:31:04 ----D---- C:\Windows\schemas
2015-08-04 18:19:17 ----D---- C:\Windows
2015-08-04 18:17:21 ----D---- C:\Windows\system32\NDF
2015-08-04 18:05:04 ----HD---- C:\ProgramData
2015-08-04 18:02:08 ----D---- C:\Windows\pss
2015-08-04 14:49:23 ----D---- C:\Windows\system32\config
2015-08-04 14:48:47 ----D---- C:\Windows\winsxs
2015-08-04 14:34:37 ----SD---- C:\Windows\system32\CompatTel
2015-08-04 14:34:37 ----D---- C:\Windows\system32\wbem
2015-08-04 14:34:37 ----D---- C:\Windows\system32\appraiser
2015-08-04 14:34:36 ----D---- C:\Windows\system32\cs-CZ
2015-08-04 14:34:36 ----D---- C:\Windows\AppPatch
2015-08-04 14:34:32 ----SD---- C:\Windows\system32\GWX
2015-08-04 14:34:30 ----D---- C:\Windows\system32\en-US
2015-08-04 14:34:30 ----D---- C:\Windows\PolicyDefinitions
2015-08-04 14:34:30 ----D---- C:\Program Files\Internet Explorer
2015-08-04 14:26:44 ----D---- C:\Windows\system32\MRT
2015-08-04 13:42:16 ----D---- C:\Windows\system32\catroot2
2015-08-04 09:29:59 ----D---- C:\Windows\Minidump
2015-08-04 08:29:12 ----SD---- C:\Users\Terezka\AppData\Roaming\Microsoft
2015-08-02 19:06:49 ----SHD---- C:\Windows\Installer
2015-08-02 19:06:49 ----SHD---- C:\Config.Msi
2015-08-02 19:01:36 ----D---- C:\Windows\Prefetch
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files
2015-08-01 09:42:44 ----D---- C:\Windows\system32\Tasks
2015-07-16 21:58:36 ----D---- C:\Windows\Tasks
2015-07-15 09:42:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-12 19:13:05 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-17 70272]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-17 149632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-24 1349168]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-28 49944]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-28 206248]
S1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-28 81768]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-28 787800]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-28 423784]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-28 24184]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-28 70384]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-28 91496]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-25 8598528]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-25 257024]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-04-21 2171904]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-02-16 145920]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
S3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2013-11-26 2122952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-17 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2013-06-18 669912]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1826784]
S3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2012-09-20 452096]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-11-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-11-17 27136]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-25 176128]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-28 50344]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-25 327296]
S2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2012-09-20 303186]
S2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2015-01-02 1820184]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-06 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
2015-08-04 18:05:04 ----D---- C:\ProgramData\Malwarebytes
2015-08-04 18:05:04 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wucltux.dll
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuapp.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups2.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wudriver.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuapi.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-04 14:07:44 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-04 14:07:34 ----A---- C:\Windows\system32\urlmon.dll
2015-08-04 14:07:32 ----A---- C:\Windows\system32\ieui.dll
2015-08-04 14:07:31 ----A---- C:\Windows\system32\ieframe.dll
2015-08-04 14:07:25 ----A---- C:\Windows\system32\mshtml.dll
2015-08-04 14:07:22 ----A---- C:\Windows\system32\iertutil.dll
2015-08-04 14:06:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-04 14:06:49 ----A---- C:\Windows\system32\iernonce.dll
2015-08-04 14:06:49 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-04 14:06:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-04 14:06:47 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-04 14:06:42 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-04 14:06:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-04 14:06:41 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\msrating.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\iesetup.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\wininet.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-04 14:06:29 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-04 14:06:20 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-04 14:06:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-04 14:06:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-04 14:06:06 ----A---- C:\Windows\system32\jscript.dll
2015-08-04 14:06:05 ----A---- C:\Windows\system32\vbscript.dll
2015-08-04 14:05:11 ----A---- C:\Windows\system32\generaltel.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\devinv.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\appraiser.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\acmigration.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\invagent.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\aeinv.dll
2015-08-04 14:05:04 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-04 14:05:04 ----A---- C:\Windows\system32\aepdu.dll
2015-08-04 14:05:02 ----A---- C:\Windows\system32\win32k.sys
2015-08-04 14:04:49 ----A---- C:\Windows\system32\kerberos.dll
2015-08-04 14:04:49 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-04 14:04:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-04 14:04:45 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-04 14:04:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-04 14:04:43 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\schannel.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\wdigest.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\lsass.exe
2015-08-04 14:04:42 ----A---- C:\Windows\system32\auditpol.exe
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspicli.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\secur32.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\msaudite.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\credssp.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\adtschema.dll
2015-08-04 14:04:40 ----A---- C:\Windows\system32\msobjs.dll
2015-08-04 14:04:09 ----A---- C:\Windows\system32\msi.dll
2015-08-04 14:04:08 ----A---- C:\Windows\system32\consent.exe
2015-08-04 14:04:08 ----A---- C:\Windows\system32\authui.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msihnd.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msiexec.exe
2015-08-04 14:04:07 ----A---- C:\Windows\system32\appinfo.dll
2015-08-04 14:04:06 ----A---- C:\Windows\system32\msimsg.dll
2015-08-04 14:03:25 ----A---- C:\Windows\system32\ole32.dll
2015-08-04 14:02:48 ----A---- C:\Windows\system32\gdi32.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmlib.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmfd.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\lpk.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\fontsub.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\dciman32.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\cryptsvc.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\crypt32.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\wintrust.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\cryptnet.dll
2015-08-04 13:55:18 ----A---- C:\Windows\system32\rdpcorets.dll
2015-08-04 13:55:17 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-08-04 13:55:14 ----A---- C:\Windows\system32\cewmdm.dll
2015-08-04 13:55:12 ----A---- C:\Windows\system32\jscript9.dll
2015-08-04 13:55:10 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-04 09:06:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-08-02 18:56:14 ----D---- C:\Users\Terezka\AppData\Roaming\Skype
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files\Skype
2015-08-02 18:55:52 ----RD---- C:\Program Files\Skype
2015-08-02 18:55:43 ----D---- C:\ProgramData\Skype
2015-08-01 09:42:44 ----D---- C:\Program Files\Common Files\AV
2015-07-11 04:33:46 ----A---- C:\Windows\system32\GPhotos.scr
2015-07-07 17:10:22 ----N---- C:\Windows\system32\stapi32.dll
======List of files/folders modified in the last 1 month======
2015-08-04 20:38:04 ----D---- C:\Program Files
2015-08-04 20:37:40 ----D---- C:\Windows\Temp
2015-08-04 18:48:43 ----D---- C:\Windows\system32\drivers
2015-08-04 18:47:56 ----D---- C:\Users\Terezka\AppData\Roaming\BrowserExtensions
2015-08-04 18:37:07 ----D---- C:\Windows\System32
2015-08-04 18:37:07 ----D---- C:\Windows\inf
2015-08-04 18:31:04 ----D---- C:\Windows\schemas
2015-08-04 18:19:17 ----D---- C:\Windows
2015-08-04 18:17:21 ----D---- C:\Windows\system32\NDF
2015-08-04 18:05:04 ----HD---- C:\ProgramData
2015-08-04 18:02:08 ----D---- C:\Windows\pss
2015-08-04 14:49:23 ----D---- C:\Windows\system32\config
2015-08-04 14:48:47 ----D---- C:\Windows\winsxs
2015-08-04 14:34:37 ----SD---- C:\Windows\system32\CompatTel
2015-08-04 14:34:37 ----D---- C:\Windows\system32\wbem
2015-08-04 14:34:37 ----D---- C:\Windows\system32\appraiser
2015-08-04 14:34:36 ----D---- C:\Windows\system32\cs-CZ
2015-08-04 14:34:36 ----D---- C:\Windows\AppPatch
2015-08-04 14:34:32 ----SD---- C:\Windows\system32\GWX
2015-08-04 14:34:30 ----D---- C:\Windows\system32\en-US
2015-08-04 14:34:30 ----D---- C:\Windows\PolicyDefinitions
2015-08-04 14:34:30 ----D---- C:\Program Files\Internet Explorer
2015-08-04 14:26:44 ----D---- C:\Windows\system32\MRT
2015-08-04 13:42:16 ----D---- C:\Windows\system32\catroot2
2015-08-04 09:29:59 ----D---- C:\Windows\Minidump
2015-08-04 08:29:12 ----SD---- C:\Users\Terezka\AppData\Roaming\Microsoft
2015-08-02 19:06:49 ----SHD---- C:\Windows\Installer
2015-08-02 19:06:49 ----SHD---- C:\Config.Msi
2015-08-02 19:01:36 ----D---- C:\Windows\Prefetch
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files
2015-08-01 09:42:44 ----D---- C:\Windows\system32\Tasks
2015-07-16 21:58:36 ----D---- C:\Windows\Tasks
2015-07-15 09:42:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-12 19:13:05 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-17 70272]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-17 149632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-24 1349168]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-28 49944]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-28 206248]
S1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-28 81768]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-28 787800]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-28 423784]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-28 24184]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-28 70384]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-28 91496]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-25 8598528]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-25 257024]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-04-21 2171904]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-02-16 145920]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
S3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2013-11-26 2122952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-17 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2013-06-18 669912]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1826784]
S3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2012-09-20 452096]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-11-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-11-17 27136]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-25 176128]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-28 50344]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-25 327296]
S2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2012-09-20 303186]
S2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [2015-01-02 1820184]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-06 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: cmd.exe launching constantly
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: cmd.exe launching constantly
# AdwCleaner v4.208 - Log vytvořen 04/08/2015 v 21:18:03
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-09.2 [Local]
# Operační system : Windows 7 Professional Service Pack 1 (x86)
# Uživatelské jméno : Terezka - TEREZKA-PC
# Spuštěno z : C:\Users\Terezka\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění
***** [ Služby ] *****
[#] Služba Smazáno : vToolbarUpdater18.1.9
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\AVG SafeGuard toolbar
Složka Smazáno : C:\ProgramData\AVG Secure Search
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit
Složka Smazáno : C:\Program Files\AVG SafeGuard toolbar
Složka Smazáno : C:\Program Files\globalUpdate
Složka Smazáno : C:\Program Files\Internet Speed Checker
Složka Smazáno : C:\Program Files\DriverToolkit
Složka Smazáno : C:\Program Files\Common Files\AVG Secure Search
Složka Smazáno : C:\Users\Terezka\AppData\Local\AVG SafeGuard toolbar
Složka Smazáno : C:\Users\Terezka\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Terezka\AppData\Local\DriverToolkit
Složka Smazáno : C:\Users\Terezka\AppData\LocalLow\AVG SafeGuard toolbar
Složka Smazáno : C:\Users\Terezka\AppData\LocalLow\Internet Speed Checker
Složka Smazáno : C:\Users\Terezka\AppData\Roaming\Slick Savings
Složka Smazáno : C:\Users\Terezka\AppData\Roaming\BrowserExtensions
Soubor Smazáno : C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Klíč Smazáno : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Klíč Smazáno : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Klíč Smazáno : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíč Smazáno : HKLM\SOFTWARE\microsoft\shared tools\msconfig\startupreg\Browser Extensions
Klíč Smazáno : HKLM\SOFTWARE\Classes\pc-mechanic
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Klíč Smazáno : HKCU\Software\AVG SafeGuard toolbar
Klíč Smazáno : HKCU\Software\DriverToolkit
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Browser Extensions
Klíč Smazáno : HKLM\SOFTWARE\AVG SafeGuard toolbar
Klíč Smazáno : HKLM\SOFTWARE\AVG Security Toolbar
Klíč Smazáno : HKLM\SOFTWARE\Uniblue
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D66BF89F-B0A2-48F5-A2E4-242EB645AB76}_is1
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Google Chrome v44.0.2403.125
[C:\Users\Terezka\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
*************************
AdwCleaner[R0].txt - [5706 bytů] - [04/08/2015 21:15:48]
AdwCleaner[S0].txt - [5439 bytů] - [04/08/2015 21:18:03]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5497 bytů] ##########
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: cmd.exe keeps launching constantly
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: cmd.exe keeps launching constantly
Logfile of random's system information tool 1.10 (written by random/random)
Run by Terezka at 2015-08-04 23:00:53
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 67 GB (66%) free of 101 GB
Total RAM: 2288 MB (66% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-28 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-16 5227648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner\AdwCleaner[S0].txt [2015-08-04 5576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc]
C:\Users\Terezka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-04-07 144008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeFilterMerit]
C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_C8B0415DA6BBBCD7E2ED3B9457CDC38A]
C:\Program Files\Google\Chrome\Application\chrome.exe [2015-07-25 813896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Presto! PVR Monitor]
C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2009-07-07 161616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]
C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-24 2274600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG SafeGuard toolbar\vprot.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\385C9A~1.150\SSSCHE~1.EXE [2014-04-09 279456]
C:\Users\Terezka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
inet32g.exe
winupd32c.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-04 21:15:46 ----D---- C:\AdwCleaner
2015-08-04 20:38:04 ----D---- C:\Program Files\trend micro
2015-08-04 20:38:03 ----D---- C:\rsit
2015-08-04 18:19:17 ----A---- C:\Windows\ntbtlog.txt
2015-08-04 18:07:39 ----A---- C:\Windows\system32\PerfStringBackup.TMP
2015-08-04 18:05:40 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-08-04 18:05:04 ----D---- C:\ProgramData\Malwarebytes
2015-08-04 18:05:04 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wucltux.dll
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuapp.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups2.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wudriver.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuapi.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-04 14:07:44 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-04 14:07:34 ----A---- C:\Windows\system32\urlmon.dll
2015-08-04 14:07:32 ----A---- C:\Windows\system32\ieui.dll
2015-08-04 14:07:31 ----A---- C:\Windows\system32\ieframe.dll
2015-08-04 14:07:25 ----A---- C:\Windows\system32\mshtml.dll
2015-08-04 14:07:22 ----A---- C:\Windows\system32\iertutil.dll
2015-08-04 14:06:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-04 14:06:49 ----A---- C:\Windows\system32\iernonce.dll
2015-08-04 14:06:49 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-04 14:06:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-04 14:06:47 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-04 14:06:42 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-04 14:06:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-04 14:06:41 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\msrating.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\iesetup.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\wininet.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-04 14:06:29 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-04 14:06:20 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-04 14:06:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-04 14:06:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-04 14:06:06 ----A---- C:\Windows\system32\jscript.dll
2015-08-04 14:06:05 ----A---- C:\Windows\system32\vbscript.dll
2015-08-04 14:05:11 ----A---- C:\Windows\system32\generaltel.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\devinv.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\appraiser.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\acmigration.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\invagent.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\aeinv.dll
2015-08-04 14:05:04 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-04 14:05:04 ----A---- C:\Windows\system32\aepdu.dll
2015-08-04 14:05:02 ----A---- C:\Windows\system32\win32k.sys
2015-08-04 14:04:49 ----A---- C:\Windows\system32\kerberos.dll
2015-08-04 14:04:49 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-04 14:04:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-04 14:04:45 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-04 14:04:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-04 14:04:43 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\schannel.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\wdigest.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\lsass.exe
2015-08-04 14:04:42 ----A---- C:\Windows\system32\auditpol.exe
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspicli.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\secur32.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\msaudite.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\credssp.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\adtschema.dll
2015-08-04 14:04:40 ----A---- C:\Windows\system32\msobjs.dll
2015-08-04 14:04:09 ----A---- C:\Windows\system32\msi.dll
2015-08-04 14:04:08 ----A---- C:\Windows\system32\consent.exe
2015-08-04 14:04:08 ----A---- C:\Windows\system32\authui.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msihnd.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msiexec.exe
2015-08-04 14:04:07 ----A---- C:\Windows\system32\appinfo.dll
2015-08-04 14:04:06 ----A---- C:\Windows\system32\msimsg.dll
2015-08-04 14:03:25 ----A---- C:\Windows\system32\ole32.dll
2015-08-04 14:02:48 ----A---- C:\Windows\system32\gdi32.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmlib.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmfd.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\lpk.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\fontsub.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\dciman32.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\cryptsvc.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\crypt32.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\wintrust.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\cryptnet.dll
2015-08-04 13:55:18 ----A---- C:\Windows\system32\rdpcorets.dll
2015-08-04 13:55:17 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-08-04 13:55:14 ----A---- C:\Windows\system32\cewmdm.dll
2015-08-04 13:55:12 ----A---- C:\Windows\system32\jscript9.dll
2015-08-04 13:55:10 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-04 09:06:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-08-02 18:56:14 ----D---- C:\Users\Terezka\AppData\Roaming\Skype
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files\Skype
2015-08-02 18:55:52 ----RD---- C:\Program Files\Skype
2015-08-02 18:55:43 ----D---- C:\ProgramData\Skype
2015-08-01 09:42:44 ----D---- C:\Program Files\Common Files\AV
2015-07-11 04:33:46 ----A---- C:\Windows\system32\GPhotos.scr
2015-07-07 17:10:22 ----N---- C:\Windows\system32\stapi32.dll
======List of files/folders modified in the last 1 month======
2015-08-04 21:18:05 ----D---- C:\Windows\Temp
2015-08-04 21:18:04 ----HD---- C:\ProgramData
2015-08-04 21:18:04 ----D---- C:\Program Files
2015-08-04 20:40:20 ----D---- C:\Windows\System32
2015-08-04 20:40:20 ----D---- C:\Windows\inf
2015-08-04 18:48:43 ----D---- C:\Windows\system32\drivers
2015-08-04 18:31:04 ----D---- C:\Windows\schemas
2015-08-04 18:19:17 ----D---- C:\Windows
2015-08-04 18:17:21 ----D---- C:\Windows\system32\NDF
2015-08-04 18:02:08 ----D---- C:\Windows\pss
2015-08-04 14:49:23 ----D---- C:\Windows\system32\config
2015-08-04 14:48:47 ----D---- C:\Windows\winsxs
2015-08-04 14:34:37 ----SD---- C:\Windows\system32\CompatTel
2015-08-04 14:34:37 ----D---- C:\Windows\system32\wbem
2015-08-04 14:34:37 ----D---- C:\Windows\system32\appraiser
2015-08-04 14:34:36 ----D---- C:\Windows\system32\cs-CZ
2015-08-04 14:34:36 ----D---- C:\Windows\AppPatch
2015-08-04 14:34:32 ----SD---- C:\Windows\system32\GWX
2015-08-04 14:34:30 ----D---- C:\Windows\system32\en-US
2015-08-04 14:34:30 ----D---- C:\Windows\PolicyDefinitions
2015-08-04 14:34:30 ----D---- C:\Program Files\Internet Explorer
2015-08-04 14:32:50 ----D---- C:\Windows\system32\MRT
2015-08-04 13:42:16 ----D---- C:\Windows\system32\catroot2
2015-08-04 09:29:59 ----D---- C:\Windows\Minidump
2015-08-04 08:29:12 ----SD---- C:\Users\Terezka\AppData\Roaming\Microsoft
2015-08-02 19:06:49 ----SHD---- C:\Windows\Installer
2015-08-02 19:06:49 ----SHD---- C:\Config.Msi
2015-08-02 19:01:36 ----D---- C:\Windows\Prefetch
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files
2015-08-01 09:42:44 ----D---- C:\Windows\system32\Tasks
2015-07-16 21:58:36 ----D---- C:\Windows\Tasks
2015-07-15 09:42:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-12 19:13:05 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-17 70272]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-17 149632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-24 1349168]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-28 49944]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-28 206248]
S1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-28 81768]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-28 787800]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-28 423784]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-28 24184]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-28 70384]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-28 91496]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-25 8598528]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-25 257024]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-04-21 2171904]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-02-16 145920]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-08-04 98520]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
S3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2013-11-26 2122952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-17 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2013-06-18 669912]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1826784]
S3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2012-09-20 452096]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-11-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-11-17 27136]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-25 176128]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-28 50344]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-25 327296]
S2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2012-09-20 303186]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-06 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wucltux.dll
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuapp.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups2.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wudriver.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuapi.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-04 14:07:44 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-04 14:07:34 ----A---- C:\Windows\system32\urlmon.dll
2015-08-04 14:07:32 ----A---- C:\Windows\system32\ieui.dll
2015-08-04 14:07:31 ----A---- C:\Windows\system32\ieframe.dll
2015-08-04 14:07:25 ----A---- C:\Windows\system32\mshtml.dll
2015-08-04 14:07:22 ----A---- C:\Windows\system32\iertutil.dll
2015-08-04 14:06:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-04 14:06:49 ----A---- C:\Windows\system32\iernonce.dll
2015-08-04 14:06:49 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-04 14:06:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-04 14:06:47 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-04 14:06:42 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-04 14:06:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-04 14:06:41 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\msrating.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\iesetup.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\wininet.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-04 14:06:29 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-04 14:06:20 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-04 14:06:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-04 14:06:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-04 14:06:06 ----A---- C:\Windows\system32\jscript.dll
2015-08-04 14:06:05 ----A---- C:\Windows\system32\vbscript.dll
2015-08-04 14:05:11 ----A---- C:\Windows\system32\generaltel.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\devinv.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\appraiser.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\acmigration.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\invagent.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\aeinv.dll
2015-08-04 14:05:04 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-04 14:05:04 ----A---- C:\Windows\system32\aepdu.dll
2015-08-04 14:05:02 ----A---- C:\Windows\system32\win32k.sys
2015-08-04 14:04:49 ----A---- C:\Windows\system32\kerberos.dll
2015-08-04 14:04:49 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-04 14:04:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-04 14:04:45 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-04 14:04:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-04 14:04:43 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\schannel.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\wdigest.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\lsass.exe
2015-08-04 14:04:42 ----A---- C:\Windows\system32\auditpol.exe
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspicli.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\secur32.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\msaudite.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\credssp.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\adtschema.dll
2015-08-04 14:04:40 ----A---- C:\Windows\system32\msobjs.dll
2015-08-04 14:04:09 ----A---- C:\Windows\system32\msi.dll
2015-08-04 14:04:08 ----A---- C:\Windows\system32\consent.exe
2015-08-04 14:04:08 ----A---- C:\Windows\system32\authui.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msihnd.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msiexec.exe
2015-08-04 14:04:07 ----A---- C:\Windows\system32\appinfo.dll
2015-08-04 14:04:06 ----A---- C:\Windows\system32\msimsg.dll
2015-08-04 14:03:25 ----A---- C:\Windows\system32\ole32.dll
2015-08-04 14:02:48 ----A---- C:\Windows\system32\gdi32.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmlib.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmfd.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\lpk.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\fontsub.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\dciman32.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\cryptsvc.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\crypt32.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\wintrust.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\cryptnet.dll
2015-08-04 13:55:18 ----A---- C:\Windows\system32\rdpcorets.dll
2015-08-04 13:55:17 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-08-04 13:55:14 ----A---- C:\Windows\system32\cewmdm.dll
2015-08-04 13:55:12 ----A---- C:\Windows\system32\jscript9.dll
2015-08-04 13:55:10 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-04 09:06:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-08-02 18:56:14 ----D---- C:\Users\Terezka\AppData\Roaming\Skype
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files\Skype
2015-08-02 18:55:52 ----RD---- C:\Program Files\Skype
2015-08-02 18:55:43 ----D---- C:\ProgramData\Skype
2015-08-01 09:42:44 ----D---- C:\Program Files\Common Files\AV
2015-07-11 04:33:46 ----A---- C:\Windows\system32\GPhotos.scr
2015-07-07 17:10:22 ----N---- C:\Windows\system32\stapi32.dll
======List of files/folders modified in the last 1 month======
2015-08-04 21:18:05 ----D---- C:\Windows\Temp
2015-08-04 21:18:04 ----HD---- C:\ProgramData
2015-08-04 21:18:04 ----D---- C:\Program Files
2015-08-04 20:40:20 ----D---- C:\Windows\System32
2015-08-04 20:40:20 ----D---- C:\Windows\inf
2015-08-04 18:48:43 ----D---- C:\Windows\system32\drivers
2015-08-04 18:31:04 ----D---- C:\Windows\schemas
2015-08-04 18:19:17 ----D---- C:\Windows
2015-08-04 18:17:21 ----D---- C:\Windows\system32\NDF
2015-08-04 18:02:08 ----D---- C:\Windows\pss
2015-08-04 14:49:23 ----D---- C:\Windows\system32\config
2015-08-04 14:48:47 ----D---- C:\Windows\winsxs
2015-08-04 14:34:37 ----SD---- C:\Windows\system32\CompatTel
2015-08-04 14:34:37 ----D---- C:\Windows\system32\wbem
2015-08-04 14:34:37 ----D---- C:\Windows\system32\appraiser
2015-08-04 14:34:36 ----D---- C:\Windows\system32\cs-CZ
2015-08-04 14:34:36 ----D---- C:\Windows\AppPatch
2015-08-04 14:34:32 ----SD---- C:\Windows\system32\GWX
2015-08-04 14:34:30 ----D---- C:\Windows\system32\en-US
2015-08-04 14:34:30 ----D---- C:\Windows\PolicyDefinitions
2015-08-04 14:34:30 ----D---- C:\Program Files\Internet Explorer
2015-08-04 14:32:50 ----D---- C:\Windows\system32\MRT
2015-08-04 13:42:16 ----D---- C:\Windows\system32\catroot2
2015-08-04 09:29:59 ----D---- C:\Windows\Minidump
2015-08-04 08:29:12 ----SD---- C:\Users\Terezka\AppData\Roaming\Microsoft
2015-08-02 19:06:49 ----SHD---- C:\Windows\Installer
2015-08-02 19:06:49 ----SHD---- C:\Config.Msi
2015-08-02 19:01:36 ----D---- C:\Windows\Prefetch
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files
2015-08-01 09:42:44 ----D---- C:\Windows\system32\Tasks
2015-07-16 21:58:36 ----D---- C:\Windows\Tasks
2015-07-15 09:42:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-12 19:13:05 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-17 70272]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-17 149632]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-24 1349168]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-28 49944]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-28 206248]
S1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-28 81768]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-28 787800]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-28 423784]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-28 24184]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-28 70384]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-28 91496]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-25 8598528]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-25 257024]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-04-21 2171904]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-02-16 145920]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-08-04 98520]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
S3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2013-11-26 2122952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-17 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2013-06-18 669912]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1826784]
S3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2012-09-20 452096]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-11-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-11-17 27136]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-25 176128]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-28 50344]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
S2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-25 327296]
S2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2012-09-20 303186]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-06 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: cmd.exe launching constantly
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it, copy the script below into the left pane, and click >MoveIt!<. Turn off your antivirus before the scan and restart the PC after it. Then post a new RSIT log.
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\Skype\Toolbars
C:\Windows\AutoKMS.exe
C:\Users\Terezka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\inet32g.exe
C:\Users\Terezka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\winupd32c.exe
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
:services
c2cautoupdatesvc
c2cpnrsvc
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: cmd.exe launching constantly
Logfile of random's system information tool 1.10 (written by random/random)
Run by Terezka at 2015-08-05 18:11:10
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 67 GB (67%) free of 101 GB
Total RAM: 2288 MB (54% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files\DriverToolkit\DriverToolkit.exe --autorun
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-28 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-16 5227648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_C8B0415DA6BBBCD7E2ED3B9457CDC38A"=C:\Program Files\Google\Chrome\Application\chrome.exe [2015-07-25 813896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc]
C:\Users\Terezka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-04-07 144008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ChangeFilterMerit]
C:\Program Files\NewSoft\Presto! PVR\ChangeFilterMerit.exe [2007-06-08 51280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_C8B0415DA6BBBCD7E2ED3B9457CDC38A]
C:\Program Files\Google\Chrome\Application\chrome.exe [2015-07-25 813896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2010-03-16 718208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Presto! PVR Monitor]
C:\Program Files\NewSoft\Presto! PVR\Monitor.exe [2009-07-07 161616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RESTART_STICKY_NOTES]
C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2015-07-28 53655680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-26 343168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-06-24 2274600]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
C:\Program Files\IDT\WDM\sttray.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files\AVG SafeGuard toolbar\vprot.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\385C9A~1.150\SSSCHE~1.EXE [2014-04-09 279456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-05 18:00:47 ----D---- C:\_OTM
2015-08-05 17:54:41 ----N---- C:\bootsqm.dat
2015-08-04 21:15:46 ----D---- C:\AdwCleaner
2015-08-04 20:38:04 ----D---- C:\Program Files\trend micro
2015-08-04 20:38:03 ----D---- C:\rsit
2015-08-04 18:19:17 ----A---- C:\Windows\ntbtlog.txt
2015-08-04 18:07:39 ----A---- C:\Windows\system32\PerfStringBackup.TMP
2015-08-04 18:05:40 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-08-04 18:05:04 ----D---- C:\ProgramData\Malwarebytes
2015-08-04 18:05:04 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-08-04 18:05:04 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wucltux.dll
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wuapp.exe
2015-08-04 14:07:46 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups2.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wups.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wudriver.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\wuapi.dll
2015-08-04 14:07:45 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-04 14:07:44 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-04 14:07:34 ----A---- C:\Windows\system32\urlmon.dll
2015-08-04 14:07:32 ----A---- C:\Windows\system32\ieui.dll
2015-08-04 14:07:31 ----A---- C:\Windows\system32\ieframe.dll
2015-08-04 14:07:25 ----A---- C:\Windows\system32\mshtml.dll
2015-08-04 14:07:22 ----A---- C:\Windows\system32\iertutil.dll
2015-08-04 14:06:51 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-04 14:06:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-04 14:06:49 ----A---- C:\Windows\system32\iernonce.dll
2015-08-04 14:06:49 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-04 14:06:48 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-04 14:06:47 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-04 14:06:43 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-04 14:06:42 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-04 14:06:42 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-04 14:06:41 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\msrating.dll
2015-08-04 14:06:34 ----A---- C:\Windows\system32\iesetup.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\wininet.dll
2015-08-04 14:06:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-04 14:06:29 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-04 14:06:20 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-04 14:06:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-04 14:06:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-04 14:06:06 ----A---- C:\Windows\system32\jscript.dll
2015-08-04 14:06:05 ----A---- C:\Windows\system32\vbscript.dll
2015-08-04 14:05:11 ----A---- C:\Windows\system32\generaltel.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\devinv.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\appraiser.dll
2015-08-04 14:05:10 ----A---- C:\Windows\system32\acmigration.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\invagent.dll
2015-08-04 14:05:09 ----A---- C:\Windows\system32\aeinv.dll
2015-08-04 14:05:04 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-04 14:05:04 ----A---- C:\Windows\system32\aepdu.dll
2015-08-04 14:05:02 ----A---- C:\Windows\system32\win32k.sys
2015-08-04 14:04:49 ----A---- C:\Windows\system32\kerberos.dll
2015-08-04 14:04:49 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-04 14:04:47 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-04 14:04:46 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-04 14:04:45 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-04 14:04:45 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-04 14:04:44 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-04 14:04:43 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\schannel.dll
2015-08-04 14:04:43 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\wdigest.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-04 14:04:42 ----A---- C:\Windows\system32\lsass.exe
2015-08-04 14:04:42 ----A---- C:\Windows\system32\auditpol.exe
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\sspicli.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\secur32.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\msaudite.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\credssp.dll
2015-08-04 14:04:41 ----A---- C:\Windows\system32\adtschema.dll
2015-08-04 14:04:40 ----A---- C:\Windows\system32\msobjs.dll
2015-08-04 14:04:09 ----A---- C:\Windows\system32\msi.dll
2015-08-04 14:04:08 ----A---- C:\Windows\system32\consent.exe
2015-08-04 14:04:08 ----A---- C:\Windows\system32\authui.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msihnd.dll
2015-08-04 14:04:07 ----A---- C:\Windows\system32\msiexec.exe
2015-08-04 14:04:07 ----A---- C:\Windows\system32\appinfo.dll
2015-08-04 14:04:06 ----A---- C:\Windows\system32\msimsg.dll
2015-08-04 14:03:25 ----A---- C:\Windows\system32\ole32.dll
2015-08-04 14:02:48 ----A---- C:\Windows\system32\gdi32.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmlib.dll
2015-08-04 14:02:31 ----A---- C:\Windows\system32\atmfd.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\lpk.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\fontsub.dll
2015-08-04 14:02:30 ----A---- C:\Windows\system32\dciman32.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\cryptsvc.dll
2015-08-04 14:02:21 ----A---- C:\Windows\system32\crypt32.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\wintrust.dll
2015-08-04 14:02:20 ----A---- C:\Windows\system32\cryptnet.dll
2015-08-04 13:55:18 ----A---- C:\Windows\system32\rdpcorets.dll
2015-08-04 13:55:17 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-08-04 13:55:14 ----A---- C:\Windows\system32\cewmdm.dll
2015-08-04 13:55:12 ----A---- C:\Windows\system32\jscript9.dll
2015-08-04 13:55:10 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-04 09:06:29 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-08-02 18:56:14 ----D---- C:\Users\Terezka\AppData\Roaming\Skype
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files\Skype
2015-08-02 18:55:52 ----RD---- C:\Program Files\Skype
2015-08-02 18:55:43 ----D---- C:\ProgramData\Skype
2015-08-01 09:42:44 ----D---- C:\Program Files\Common Files\AV
2015-07-11 04:33:46 ----A---- C:\Windows\system32\GPhotos.scr
2015-07-07 17:10:22 ----N---- C:\Windows\system32\stapi32.dll
======List of files/folders modified in the last 1 month======
2015-08-05 18:11:08 ----D---- C:\Windows\Temp
2015-08-05 18:10:21 ----D---- C:\Windows\Prefetch
2015-08-05 18:07:56 ----D---- C:\Windows\System32
2015-08-05 18:07:56 ----D---- C:\Windows\inf
2015-08-05 18:00:48 ----D---- C:\Windows\Tasks
2015-08-04 21:18:04 ----HD---- C:\ProgramData
2015-08-04 21:18:04 ----D---- C:\Program Files
2015-08-04 18:48:43 ----D---- C:\Windows\system32\drivers
2015-08-04 18:31:04 ----D---- C:\Windows\schemas
2015-08-04 18:19:17 ----D---- C:\Windows
2015-08-04 18:17:21 ----D---- C:\Windows\system32\NDF
2015-08-04 18:02:08 ----D---- C:\Windows\pss
2015-08-04 14:49:23 ----D---- C:\Windows\system32\config
2015-08-04 14:48:47 ----D---- C:\Windows\winsxs
2015-08-04 14:34:37 ----SD---- C:\Windows\system32\CompatTel
2015-08-04 14:34:37 ----D---- C:\Windows\system32\wbem
2015-08-04 14:34:37 ----D---- C:\Windows\system32\appraiser
2015-08-04 14:34:36 ----D---- C:\Windows\system32\cs-CZ
2015-08-04 14:34:36 ----D---- C:\Windows\AppPatch
2015-08-04 14:34:32 ----SD---- C:\Windows\system32\GWX
2015-08-04 14:34:30 ----D---- C:\Windows\system32\en-US
2015-08-04 14:34:30 ----D---- C:\Windows\PolicyDefinitions
2015-08-04 14:34:30 ----D---- C:\Program Files\Internet Explorer
2015-08-04 14:32:50 ----D---- C:\Windows\system32\MRT
2015-08-04 13:42:16 ----D---- C:\Windows\system32\catroot2
2015-08-04 09:29:59 ----D---- C:\Windows\Minidump
2015-08-04 08:29:12 ----SD---- C:\Users\Terezka\AppData\Roaming\Microsoft
2015-08-02 19:06:49 ----SHD---- C:\Windows\Installer
2015-08-02 19:06:49 ----SHD---- C:\Config.Msi
2015-08-02 18:55:55 ----D---- C:\Program Files\Common Files
2015-08-01 09:42:44 ----D---- C:\Windows\system32\Tasks
2015-07-15 09:42:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-07-12 19:13:05 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-28 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-28 206248]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-28 81768]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-28 787800]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-28 423784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-28 24184]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-28 70384]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-28 91496]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys [2011-03-17 70272]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-25 8598528]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-25 257024]
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys [2011-03-17 149632]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2011-04-21 2171904]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 23256]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2013-06-18 669912]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1826784]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2012-09-20 452096]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-06-24 1349168]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2015-02-16 145920]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-08-05 98520]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 51928]
S3 netr28;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28.sys [2013-11-26 2122952]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-11-17 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-11-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-11-17 27136]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-25 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-28 50344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2012-09-20 303186]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-06 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-25 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-28 50344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2012-09-20 303186]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-06-25 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-06 116648]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-06 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-19 102912]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-07-06 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: cmd.exe constantly launching itself
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: cmd.exe constantly launching itself
It looks good, thanks a lot.
- Rudy
- Site Admin

Re: cmd.exe constantly launching itself
You're welcome!