
can anybody help me get rid of pop up kazdodenninoviny?



Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 21:29:46, on 4.3.2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16518)

 

 

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Windows\vVX1000.exe

C:\Program Files (x86)\Copernic Desktop Search - Pro\DesktopSearchService.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe

C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Android-Sync\AndroidSync.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe

C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe

C:\Program Files (x86)\Android-Sync\bin\adb.exe

C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe

C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Petr\Downloads\HijackThis (2).exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [HP Software Update] c:\program files (x86)\hp\hp software update\hpwuschd2.exe

O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

O4 - HKLM\..\Run: [AndroidSync] C:\Program Files (x86)\Android-Sync\AndroidSync.exe -m

O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe

O4 - HKLM\..\Run: [Anvi AD Blocker] "C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe" -tray

O4 - HKLM\..\Run: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe -tray

O4 - HKCU\..\Run: [Copernic Desktop Search - Professional] "C:\Program Files (x86)\Copernic Desktop Search - Pro\DesktopSearchService.exe" /tray

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [332300980E2D344CE9FF911C649296933E942748._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

O4 - HKCU\..\Run: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [CloudSystemBooster] "C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe"  /hide /autorun

O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKUS\S-1-5-18\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto (User 'Default user')

O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics


O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adblocker Monitor Service (AdblockerSrv) - Unknown owner - C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) - Anvisoft - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe

O23 - Service: APC Data Service - Schneider Electric - C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe

O23 - Service: APC UPS Service - Schneider Electric - C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe

O23 - Service: Anvi Smart Defender Realtime Guard Service (asdsrv) - Anvisoft - C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe

O23 - Service: BlackBerry Device Manager - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe

O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: SolidPDFCreatorReadSpool (SPDFCreatorReadSpool) - Solid Documents, LLC - C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\SysWOW64\xmesrv.exe

 

--

End of file - 16524 bytes

 


Welcome to the forum.

First:

Please run a Quick Scan with Malwarebytes like this and post the log:

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

---------------------

Then please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt (DDS may not run on W8)

(please don't put logs in code or quotes and use the default font)

(Please don't forget to run the RogueKiller scan below)

General Forum P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running, please create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)


DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.51.2

Run by Petr at 23:12:50 on 2014-03-04

Microsoft Windows 7 Professional   6.1.7601.1.1250.420.1033.18.8151.4547 [GMT 1:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe

C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe

C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe

C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Microsoft LifeCam\MSCamS64.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe

C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\SysWOW64\xmesrv.exe

C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe

C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\vVX1000.exe

C:\Program Files (x86)\Copernic Desktop Search - Pro\DesktopSearchService.exe

C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe

C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Android-Sync\AndroidSync.exe

C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe

C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe

C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Android-Sync\bin\adb.exe

C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe

C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe

C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Windows\splwow64.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\notepad.exe

c:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.


uSearch Bar = Preserve

BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Ads Removal: {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [Copernic Desktop Search - Professional] "C:\Program Files (x86)\Copernic Desktop Search - Pro\DesktopSearchService.exe" /tray

uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

uRun: [332300980E2D344CE9FF911C649296933E942748._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service

uRun: [MyDriveConnect.exe] "C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

uRun: [CloudSystemBooster] "C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe"  /hide /autorun

uRun: [Facebook Update] <no file>

mRun: [HP Software Update] c:\program files (x86)\hp\hp software update\hpwuschd2.exe

mRun: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart

mRun: [AndroidSync] C:\Program Files (x86)\Android-Sync\AndroidSync.exe -m

mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe

mRun: [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Anvi Smart Defender] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe

mRun: [Anvi AD Blocker] "C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe" -tray

mRun: [ADBlocker] C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe -tray

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

dRun: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

StartupFolder: C:\Users\Petr\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

uPolicies-Explorer: NoDrives = dword:0

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:181

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

TCP: NameServer = 10.0.0.138

TCP: Interfaces\{2F78DFE0-DEFD-45EF-8B95-6FF87E076423} : DHCPNameServer = 10.0.0.138

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: livecall - <Clsid value has no data>

Handler: msnim - <Clsid value has no data>

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart

x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe

x64-Run: [VX1000] C:\Windows\vVX1000.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: livecall - <Clsid value has no data>

x64-Handler: msnim - <Clsid value has no data>

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

Hosts: 10.0.0.37 Alias.29 # WD SmartWare: uuid:73656761-7465-7375-636b-0090a9bf8081

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]

R0 SmartDefragDriver;SmartDefragDriver;C:\Windows\System32\drivers\SmartDefragDriver.sys [2014-1-25 21184]

R1 asdnet;asdnet;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\amd64\asdnet.sys [2013-6-9 19280]

R1 asdrm;asdrm;C:\Windows\System32\drivers\asdrm.sys [2014-2-24 18768]

R1 asdws;asdws;C:\Windows\System32\drivers\asdws.sys [2014-2-24 17232]

R1 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2010-7-3 307400]

R2 AdblockerSrv;Adblocker Monitor Service;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe [2013-6-14 314064]

R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-3-2 881952]

R2 AnviCsbSvc;Anvi Cloud System Booster Speed Service;C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [2014-2-24 42680]

R2 APC Data Service;APC Data Service;C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [2012-1-24 21880]

R2 asdrs;AntiMalware Host-based Intrusion Prevention System;C:\Windows\System32\drivers\asdrs.sys [2014-2-24 23376]

R2 asdsrv;Anvi Smart Defender Realtime Guard Service;C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [2013-10-21 742584]

R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-1-3 1363616]

R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-1-3 1748640]

R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]

R2 IMFservice;IMF Service;C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2013-3-16 342336]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-25 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-25 701512]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-1-20 134944]

R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-19 15125280]

R2 PfFilter;PfFilter;C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [2014-1-30 38392]

R2 RIM MDNS;RIM MDNS;C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [2013-11-28 389632]

R2 RIM Tunnel Service;BlackBerry Link Communication Manager;C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [2013-11-28 1304064]

R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-2-28 290520]

R2 SPDFCreatorReadSpool;SolidPDFCreatorReadSpool;C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe [2011-10-3 215880]

R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2013-11-2 1042808]

R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2013-11-2 270704]

R2 xmengine service;CryptoPlus XME Engine Service;C:\Windows\SysWOW64\xmesrv.exe [2013-1-29 34696]

R3 BlackBerry Device Manager;BlackBerry Device Manager;C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2013-9-9 585728]

R3 FileMonitor;FileMonitor;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2013-12-21 23048]

R3 GemCCID;GemCCID;C:\Windows\System32\drivers\GemCCID.sys [2013-4-24 129792]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-7-3 56344]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-2-25 25928]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-10-28 39200]

R3 RegFilter;RegFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys [2013-12-21 34848]

R3 rimvndis;BlackBerry Virtual Private Network;C:\Windows\System32\drivers\rimvndis6_AMD64.sys [2013-11-28 17920]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2014-2-28 271064]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-2-28 888536]

R3 UrlFilter;UrlFilter;C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys [2013-12-21 23016]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2013-11-20 2151744]

S2 SecureUpdateSvc;SecureUpdate; [x]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-3-1 161384]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-1-22 108800]

S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-3-23 57856]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-12 111616]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-16 289256]

S3 MfeAVFK;McAfee Inc. MfeAVFK;C:\Windows\System32\drivers\mfeavfk.sys [2010-7-3 102600]

S3 MfeRKDK;McAfee Inc. MfeRKDK;C:\Windows\System32\drivers\mferkdk.sys [2010-7-3 40904]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-2-28 19456]

S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-1-22 206080]

S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\System32\drivers\ssudserd.sys [2014-1-22 206080]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-17 56832]

S3 usbrndis6;USB RNDIS6 Adapter;C:\Windows\System32\drivers\usb80236.sys [2013-3-16 19968]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-2-26 1255736]

S4 ekrn;ESET Service; [x]

.

=============== File Associations ===============

.

ShellExec: SolidPDFCreator.exe: open=C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPDFCreator.exe

.

=============== Created Last 30 ================

.

2014-03-04 17:52:04 75888 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31FA57AC-A9DA-4D1F-8915-186CD1E7DDC7}\offreg.dll

2014-03-04 17:49:51 10536864 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{31FA57AC-A9DA-4D1F-8915-186CD1E7DDC7}\mpengine.dll

2014-03-04 17:35:26 -------- d-----w- C:\FRST

2014-03-04 08:46:39 10536864 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-03-01 16:10:55 -------- d-----w- C:\Windows\ERUNT

2014-02-28 21:25:01 888536 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys

2014-02-28 21:25:01 73800 ----a-w- C:\Windows\System32\RtNicProp64.dll

2014-02-28 21:24:45 9889352 ----a-w- C:\Windows\SysWow64\RsCRIcon.dll

2014-02-28 21:24:45 271064 ----a-w- C:\Windows\System32\drivers\RtsUStor.sys

2014-02-28 21:23:29 1958616 ----a-w- C:\Windows\System32\RTSnMg64.cpl

2014-02-28 21:23:27 3791320 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys

2014-02-28 21:23:25 2782936 ----a-w- C:\Windows\System32\RtkAPO64.dll

2014-02-28 21:23:21 43720192 ----a-w- C:\Windows\System32\RCoRes64.dat

2014-02-28 21:23:21 154840 ----a-w- C:\Windows\System32\RCoInstII64.dll

2014-02-28 20:51:51 -------- d-----w- C:\AdwCleaner

2014-02-27 12:39:16 1031560 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{93030330-58EE-4ADB-B9AA-B7E589D5E210}\gapaengine.dll

2014-02-26 11:19:11 -------- d-----w- C:\ProgramData\Epubsoft

2014-02-26 11:17:40 -------- d-----w- C:\Program Files (x86)\EPUBSOFT

2014-02-25 21:36:14 -------- d-----w- C:\Program Files (x86)\AMR Player

2014-02-25 20:55:41 -------- d-----w- C:\ProgramData\Kaspersky Lab

2014-02-25 19:14:16 -------- d-----w- C:\Users\Petr\AppData\Roaming\Malwarebytes

2014-02-25 19:13:24 -------- d-----w- C:\ProgramData\Malwarebytes

2014-02-25 19:13:21 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-02-25 19:13:20 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-25 18:08:46 6574592 ----a-w- C:\Windows\System32\mstscax.dll

2014-02-25 18:08:46 5694464 ----a-w- C:\Windows\SysWow64\mstscax.dll

2014-02-24 22:27:16 19280 ----a-w- C:\Windows\System32\drivers\asdnet.sys

2014-02-24 22:26:59 17232 ----a-w- C:\Windows\System32\drivers\asdws.sys

2014-02-24 22:26:58 23376 ----a-w- C:\Windows\System32\drivers\asdrs.sys

2014-02-24 22:26:58 18768 ----a-w- C:\Windows\System32\drivers\asdrm.sys

2014-02-17 21:27:38 -------- d-----w- C:\Program Files\McAfee Security Scan

2014-02-17 12:12:28 792576 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll

2014-02-17 12:12:28 1030144 ----a-w- C:\Windows\System32\TSWorkspace.dll

2014-02-13 21:27:19 -------- d-----w- C:\ProgramData\McAfee Security Scan

2014-02-13 21:27:13 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-02-13 21:27:13 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2014-02-13 21:06:26 -------- d-----w- C:\Users\Petr\AppData\Roaming\Anvisoft

2014-02-13 21:04:55 -------- d-----w- C:\ProgramData\Anvisoft

2014-02-13 20:50:28 -------- d-----w- C:\Program Files (x86)\Anvisoft

2014-02-12 22:08:34 548864 ----a-w- C:\Windows\System32\vbscript.dll

2014-02-12 22:08:34 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll

2014-02-12 06:57:49 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

2014-02-05 23:51:31 -------- d-----w- C:\Program Files (x86)\Research In Motion Limited

2014-02-05 19:12:32 -------- d-----w- C:\Users\Petr\AppData\Roaming\XCPCSync.OEM

2014-02-04 23:18:00 -------- d-----w- C:\Users\Petr\AppData\Roaming\ViberPC

2014-02-04 23:16:44 -------- d-----w- C:\Users\Petr\AppData\Local\Viber

.

==================== Find3M  ====================

.

2014-02-28 21:25:01 107552 ----a-w- C:\Windows\System32\RTNUninst64.dll

2014-02-17 12:41:24 27456 ----a-w- C:\Windows\System32\RegistryDefragBootTime.exe

2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll

2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll

2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll

2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll

2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll

2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll

2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll

2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll

2014-01-24 23:03:25 53152 ----a-w- C:\Windows\System32\USBCoInstaller.dll

2014-01-24 23:03:25 1721576 ----a-w- C:\Windows\System32\WdfCoInstaller01009.dll

2014-01-24 23:03:25 1002728 ----a-w- C:\Windows\System32\WinUSBCoInstaller2.dll

2014-01-22 07:52:12 708168 ----a-w- C:\Windows\System32\WinUSBCoInstaller.dll

2014-01-22 07:52:12 206080 ----a-w- C:\Windows\System32\drivers\ssudserd.sys

2014-01-22 07:52:10 206080 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys

2014-01-22 07:52:10 108800 ----a-w- C:\Windows\System32\drivers\ssudbus.sys

2014-01-21 15:59:28 128288 ----a-w- C:\Windows\System32\IObitSmartDefragExtension.dll

2014-01-19 07:33:29 270496 ------w- C:\Windows\System32\MpSigStub.exe

2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll

2013-12-24 09:40:32 21184 ----a-w- C:\Windows\System32\drivers\SmartDefragDriver.sys

2013-12-19 18:53:46 6671648 ----a-w- C:\Windows\System32\nvcpl.dll

2013-12-19 18:53:46 3490080 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-12-19 18:53:44 922912 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-12-19 18:53:44 63776 ----a-w- C:\Windows\System32\nvshext.dll

2013-12-19 18:53:44 386336 ----a-w- C:\Windows\System32\nvmctray.dll

2013-12-18 20:09:39 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-12-13 12:08:00 9889352 ----a-w- C:\Windows\SysWow64\RtsUStoricon.dll

2013-12-13 12:05:18 1884448 ----a-w- C:\Windows\System32\nvdispco6433182.dll

2013-12-13 12:05:18 1511712 ----a-w- C:\Windows\System32\nvdispgenco6433182.dll

2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll

2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll

2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll

.

============= FINISH: 23:15:45,89 ===============

 


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Professional 

Boot Device: \Device\HarddiskVolume1

Install Date: 25.2.2013 0:11:04

System Uptime: 4.3.2014 9:30:16 (14 hours ago)

.

Motherboard: MSI |  | 2A9Ch

Processor: Intel® Core i5 CPU         750  @ 2.67GHz | CPU 1 | 2507/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 229 GiB total, 43,576 GiB free.

D: is FIXED (NTFS) - 226 GiB total, 62,193 GiB free.

E: is FIXED (NTFS) - 9 GiB total, 0,981 GiB free.

L: is CDROM (UDF)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}

Description: Officejet Pro 8500 A910

Device ID: ROOT\MULTIFUNCTION\0000

Manufacturer: HP

Name: Officejet Pro 8500 A910

PNP Device ID: ROOT\MULTIFUNCTION\0000

Service: 

.

==== System Restore Points ===================

.

RP608: 2.3.2014 6:00:36 - Windows Backup

RP609: 3.3.2014 9:08:39 - Windows Backup

RP610: 4.3.2014 9:36:30 - Anvi CSB 3.2

RP611: 4.3.2014 9:41:13 - Windows Backup

RP612: 4.3.2014 18:48:50 - Windows Update

.

==== Installed Programs ======================

.

64 Bit HP CIO Components Installer

8500A909_BasicWeb

8500A909_Help_BasicWeb

Adobe Flash Player 12 Plugin

Adobe Reader XI (11.0.06) - Czech

Advanced SystemCare 7

AMR Player 1.3

Android-Sync version v1.120

Anvi AD Blocker 2.2

Anvi Smart Defender 1.9.3

BlackBerry Desktop Software 7.1

BlackBerry Link

BlackBerry World Browser Plugin

bpd_scan

BPDSoftware

BPDSoftware_Ini

BufferChm

Cloud System Booster

Copernic Desktop Search - Professional

CryptoPlus CS v1.0e

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Driver Booster

Elevated Installer

Facebook Video Calling 2.0.0.447

Garmin Communicator Plugin

Garmin Communicator Plugin x64

Garmin Express

Garmin Express Tray

Garmin Update Service

Garmin USB Drivers

GeForce Experience NvStream Client Components

Google Apps Migration For Microsoft Outlook® 2.3.14.36

Google Apps Sync™ for Microsoft Outlook® 3.5.370.990

Google Chrome

Google Drive

Google Earth Plug-in

Google Update Helper

HP Customer Experience Enhancements

HP Officejet Pro 8500 A909 Series

HP Officejet Pro 8500 A910 Basic Device Software

HP Officejet Pro 8500 A910 Help

HP Officejet Pro 8500 A910 Product Improvement Study

HP Setup

HP Support Assistant

HP Update

I.R.I.S. OCR

InterVideo WinDVD 8

IObit Malware Fighter

IObit Uninstaller

Java 7 Update 51

Java Auto Updater

Junk Mail filter update

Kane and Lynch: Dead Men

LightScribe System Software  1.10.13.1

Malwarebytes Anti-Malware version 1.75.0.1300

McAfee Security Scan Plus

Microsoft .NET Framework 4.5.1

Microsoft Access database engine 2010 (English)

Microsoft Application Error Reporting

Microsoft AutoRoute 2006

Microsoft Corporation

Microsoft Games for Windows - LIVE Redistributable

Microsoft LifeCam

Microsoft MapPoint North America 2004

Microsoft MapPoint North America 2013

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Movie Maker

MSVCRT

MSVCRT_amd64

MSVCRT110

MSVCRT110_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My Net View

MyDriveConnect 3.3.0.1318

Nero 7 Essentials

neroxml

Network64

Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština

NVIDIA 3D Vision Controller Driver 326.01

NVIDIA Control Panel 332.21

NVIDIA GeForce Experience 1.7.1

NVIDIA Install Application

NVIDIA LED Visualizer 1.0

NVIDIA PhysX

NVIDIA PhysX System Software 9.13.0725

NVIDIA ShadowPlay 9.3.21

NVIDIA Update 9.3.21

NVIDIA Update Components

NVIDIA Virtual Audio 1.2.9

PC Speed Up - Complete uninstall

Photo Common

Photo Gallery

PowerChute Personal Edition 3.0.2

Protected Folder

Realtek High Definition Audio Driver

Scan

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition

SHIELD Streaming

Skype Click to Call

Skype™ 6.3

Smart Defrag 3

SolidPDFCreator

Surfing Protection

Tom Clancy's Rainbow Six Vegas

Toolbox

Ultimate EPubsoft DRM Removal 8.4.6

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition

Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition

Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition

Viber

Visual Studio C++ 10.0 Runtime

WD Link

WD Quick View

WD SmartWare

WD SmartWare Installer

WebReg

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Mobile Device Center

Zoner Photo Studio 14

Zoner Photo Studio 15

.

==== Event Viewer Messages From Past Week ========

.

4.3.2014 9:36:09, Error: Service Control Manager [7034]  - The Anvi Cloud System Booster Speed Service service terminated unexpectedly.  It has done this 1 time(s).

4.3.2014 9:35:46, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

4.3.2014 9:35:16, Error: Service Control Manager [7022]  - The Služba Google Update (gupdate) service hung on starting.

4.3.2014 9:32:52, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

4.3.2014 9:32:06, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

4.3.2014 9:30:54, Error: Service Control Manager [7000]  - The SecureUpdate service failed to start due to the following error:  The system cannot find the path specified.

4.3.2014 9:30:21, Error: volmgr [46]  - Crash dump initialization failed!

2.3.2014 0:09:23, Error: Service Control Manager [7030]  - The Advanced SystemCare Service 7 service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

2.3.2014 0:09:11, Error: Service Control Manager [7034]  - The LiveUpdate service terminated unexpectedly.  It has done this 2 time(s).

2.3.2014 0:08:28, Error: Service Control Manager [7034]  - The AdvancedSystemCareAntivirus service terminated unexpectedly.  It has done this 1 time(s).

.

==== End Of File ===========================

 


RogueKiller V8.8.10 _x64_ [Feb 28 2014] by Adlice Software





 

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Petr [Admin rights]

Mode : Scan -- Date : 03/04/2014 23:24:49

| ARK || FAK || MBR |

 

¤¤¤ Bad processes : 0 ¤¤¤

 

¤¤¤ Registry Entries : 7 ¤¤¤

[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND

[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND

[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

 

¤¤¤ Scheduled tasks : 1 ¤¤¤

[V2][sUSP PATH] HPSA Upgrade : C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe [7] -> FOUND

 

¤¤¤ Startup Entries : 0 ¤¤¤

 

¤¤¤ Web browsers : 0 ¤¤¤

 

¤¤¤ Browser Addons : 0 ¤¤¤

 

¤¤¤ Particular Files / Folders: ¤¤¤

 

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

 

¤¤¤ External Hives: ¤¤¤

 

¤¤¤ Infection :  ¤¤¤

 

¤¤¤ HOSTS File: ¤¤¤

--> %SystemRoot%\System32\drivers\etc\hosts

 

 

127.0.0.1       localhost

10.0.0.37 Alias.29  # WD SmartWare: uuid:73656761-7465-7375-636b-0090a9bf8081

 

 

¤¤¤ MBR Check: ¤¤¤

 

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD5000AAKS-60Z1A0 +++++

--- User ---

[MBR] 83ef0a00912330171569f0e0e83ea890

[bSP] c043441c086fc838ff364aace13550b5 : Windows 7/8 MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 2047 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 4194304 | Size: 234050 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 483528704 | Size: 231901 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 958461952 | Size: 8931 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Finished : << RKreport[0]_S_03042014_232449.txt >>

Start with this:

Let's clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner from HERE or HERE to your desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.
Then..................

Please download Farbar Recovery Scan Tool (FRST) and save it to a folder.

(use correct version for your system.....Which system am I using?)

FRST <----for 32 bit systems

FRST64 <----for 64 bit systems

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
If the logs are large, you can attach them:

To attach a log:

Bottom right corner of this page.


New window that comes up.


MrC


# AdwCleaner v3.020 - Report created 05/03/2014 at 00:15:14
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Petr - PETR-HP
# Running from : C:\Users\Petr\Downloads\AdwCleaner (2).exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5468 octets] - [28/02/2014 21:51:57]
AdwCleaner[R1].txt - [1051 octets] - [01/03/2014 12:17:35]
AdwCleaner[R2].txt - [1056 octets] - [01/03/2014 12:39:57]
AdwCleaner[R3].txt - [1177 octets] - [01/03/2014 16:53:48]
AdwCleaner[R4].txt - [918 octets] - [05/03/2014 00:15:14]
AdwCleaner[s0].txt - [5097 octets] - [28/02/2014 21:52:56]
AdwCleaner[s1].txt - [1119 octets] - [01/03/2014 12:18:41]
AdwCleaner[s2].txt - [1120 octets] - [01/03/2014 12:41:57]
AdwCleaner[s3].txt - [1241 octets] - [01/03/2014 16:55:55]

########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [1217 octets] ##########

# AdwCleaner v3.020 - Report created 05/03/2014 at 00:31:07
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Petr - PETR-HP
# Running from : C:\Users\Petr\Downloads\AdwCleaner (3).exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518

-\\ Google Chrome v33.0.1750.146

[ File : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5468 octets] - [28/02/2014 21:51:57]
AdwCleaner[R1].txt - [1051 octets] - [01/03/2014 12:17:35]
AdwCleaner[R2].txt - [1056 octets] - [01/03/2014 12:39:57]
AdwCleaner[R3].txt - [1177 octets] - [01/03/2014 16:53:48]
AdwCleaner[R4].txt - [1297 octets] - [05/03/2014 00:15:14]
AdwCleaner[R5].txt - [978 octets] - [05/03/2014 00:31:07]
AdwCleaner[s0].txt - [5097 octets] - [28/02/2014 21:52:56]
AdwCleaner[s1].txt - [1119 octets] - [01/03/2014 12:18:41]
AdwCleaner[s2].txt - [1120 octets] - [01/03/2014 12:41:57]
AdwCleaner[s3].txt - [1241 octets] - [01/03/2014 16:55:55]
AdwCleaner[s4].txt - [1361 octets] - [05/03/2014 00:21:41]

########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1337 octets] ##########

 Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014 02

Ran by Petr (administrator) on PETR-HP on 05-03-2014 00:39:15
Running from C:\Users\Petr\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
() C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(Schneider Electric) C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Pro\DesktopSearchService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(http://www.android-sync.com) C:\Program Files (x86)\Android-Sync\AndroidSync.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe
() C:\Program Files (x86)\Android-Sync\bin\adb.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Petr\Downloads\AdwCleaner (3).exe
(Farbar) C:\Users\Petr\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [shadowPlay] - C:\Windows\system32\nvspcap64.dll [1064224 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2014-02-28] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - c:\program files (x86)\hp\hp software update\hpwuschd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [iObit Malware Fighter] - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1566528 2014-01-24] (IObit)
HKLM-x32\...\Run: [AndroidSync] - C:\Program Files (x86)\Android-Sync\AndroidSync.exe [6257584 2014-01-10] (http://www.android-sync.com)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2013-09-09] (Research In Motion Limited)
HKLM-x32\...\Run: [RIM PeerManager] - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4465152 2013-11-28] (Research In Motion Limited)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Anvi Smart Defender] - C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDTray.exe [1636536 2013-10-21] (Anvisoft)
HKLM-x32\...\Run: [Anvi AD Blocker] - C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe [1256144 2013-06-14] (Anvisoft)
HKLM-x32\...\Run: [ADBlocker] - C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe [1256144 2013-06-14] (Anvisoft)
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [Copernic Desktop Search - Professional] - C:\Program Files (x86)\Copernic Desktop Search - Pro\DesktopSearchService.exe [1853992 2013-01-28] (Copernic Inc.)
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [455968 2007-08-23] (Hewlett-Packard Company)
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [332300980E2D344CE9FF911C649296933E942748._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859464 2014-03-02] (Google Inc.)
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-10-21] (TomTom)
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18643560 2013-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [CloudSystemBooster] - C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [527544 2014-02-24] (Anvisoft)
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [Facebook Update] - [X]
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software)
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [Viber] - [X]
HKU\S-1-5-21-1531368507-30541634-286873559-1002\...\Run: [Advanced SystemCare 7] - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
AppInit_DLLs: => File Not Found
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: livecall - No CLSID Value - 
Handler: msnim - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: livecall - No CLSID Value - 
Handler-x32: msnim - No CLSID Value - 
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
 
Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Extension: (Fabulous) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ambjmeohlajelahhhniggkkceagdlcgj [2013-11-06]
CHR Extension: (Google Drive) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-07]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-03-02]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-02-25]
CHR Extension: (McAfee Security Scan+) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2013-08-07]
CHR Extension: (Google Search) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-02-25]
CHR Extension: (Gmail Offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-01-26]
CHR Extension: (Google Calendar) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-11-06]
CHR Extension: (Box - 10GB of FREE storage) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2013-03-07]
CHR Extension: (Ads Removal) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-02-25]
CHR Extension: (PDF To Word Converter) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gffllbhpecejbleibohpabbpiehhnmnm [2014-02-01]
CHR Extension: (AccelerateTab) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg [2013-09-26]
CHR Extension: (Any Files To PDF) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\hccigbihfncbddogbppmdnlnjknbgokj [2014-02-01]
CHR Extension: (Website Blocker (Beta)) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-02-24]
CHR Extension: (Fullscreen Mirror) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbjadagicjlhcifbdlhbanigojbleda [2013-11-06]
CHR Extension: (Cloud Reader) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2013-08-03]
CHR Extension: (PDF Viewer) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\jccchjobcggajhnmckffhcahkkbioifn [2014-02-13]
CHR Extension: (Google Play) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-01-31]
CHR Extension: (AD Block) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgjbmhakaffflkjecineeaadpidgikb [2014-01-15]
CHR Extension: (Skype Click to Call) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-03-19]
CHR Extension: (Google Maps) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-11-06]
CHR Extension: (Google Wallet) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-02-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
 
==================== Services (Whitelisted) =================
 
R2 AdblockerSrv; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\ADBlockerSrv.exe [314064 2013-06-14] ()
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2014-02-24] (Anvisoft)
R2 APC Data Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 asdsrv; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe [742584 2013-10-21] (Anvisoft)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-09-09] (Research In Motion Limited)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-06] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2013-11-28] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1304064 2013-11-28] (Research In Motion Limited)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-02-28] (Realtek Semiconductor)
R2 SPDFCreatorReadSpool; C:\Program Files (x86)\SolidDocuments\SolidPDFCreator\SPC\SolidPdfServicex64.exe [215880 2011-10-03] (Solid Documents, LLC)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-11-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-11-02] (Western Digital Technologies, Inc.)
R2 xmengine service; C:\Windows\SysWOW64\xmesrv.exe [34696 2013-02-27] (Monet+, a.s.)
S4 ekrn; No ImagePath
S2 SecureUpdateSvc; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
R1 asdnet; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\toolbox\adblocker\sys\amd64\asdnet.sys [19280 2013-06-09] ()
R1 asdrm; C:\Windows\System32\DRIVERS\asdrm.sys [18768 2013-10-15] (Anvisoft)
R2 asdrs; C:\Windows\system32\DRIVERS\asdrs.sys [23376 2013-10-15] (Anvisoft)
R1 asdws; C:\Windows\System32\DRIVERS\asdws.sys [17232 2013-10-15] ()
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [129792 2013-04-24] (Gemalto)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MfeAVFK; C:\Windows\System32\drivers\MfeAVFK.sys [102600 2009-05-16] (McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [307400 2009-05-16] (McAfee, Inc.)
S3 MfeRKDK; C:\Windows\System32\drivers\MfeRKDK.sys [40904 2009-05-16] (McAfee, Inc.)
R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [71240 2009-05-16] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R2 PfFilter; C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [38392 2012-11-23] (IObit Information Technology)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-06-27] (Research In Motion Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2013-11-28] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-03-16] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-05 00:38 - 2014-03-05 00:38 - 02156544 _____ (Farbar) C:\Users\Petr\Downloads\FRST64 (1).exe
2014-03-05 00:30 - 2014-03-05 00:31 - 01244192 _____ () C:\Users\Petr\Downloads\AdwCleaner (4).exe
2014-03-05 00:28 - 2014-03-05 00:28 - 01244192 _____ () C:\Users\Petr\Downloads\AdwCleaner (3).exe
2014-03-05 00:23 - 2014-03-05 00:23 - 00000356 _____ () C:\Windows\PFRO.log
2014-03-05 00:23 - 2014-03-05 00:23 - 00000168 _____ () C:\Windows\setupact.log
2014-03-05 00:23 - 2014-03-05 00:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 00:05 - 2014-03-05 00:05 - 01244192 _____ () C:\Users\Petr\Downloads\AdwCleaner (2).exe
2014-03-04 23:24 - 2014-03-04 23:24 - 00002292 _____ () C:\Users\Petr\Desktop\RKreport[0]_S_03042014_232449.txt
2014-03-04 23:18 - 2014-03-04 23:28 - 00000000 ____D () C:\Users\Petr\Desktop\RK_Quarantine
2014-03-04 23:18 - 2014-03-04 23:18 - 04413952 _____ () C:\Users\Petr\Downloads\RogueKillerX64.exe
2014-03-04 23:13 - 2014-03-04 23:14 - 00688992 _____ (Swearware) C:\Users\Petr\Downloads\dds.com
2014-03-04 23:12 - 2014-03-04 23:12 - 00688992 ____R (Swearware) C:\Users\Petr\Downloads\dds.scr
2014-03-04 21:38 - 2014-03-04 21:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Petr\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-03-04 21:29 - 2014-03-04 21:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\Petr\Downloads\HijackThis (2).exe
2014-03-04 18:36 - 2014-03-04 18:36 - 00043138 _____ () C:\Users\Petr\Downloads\Addition.txt
2014-03-04 18:35 - 2014-03-05 00:39 - 00025890 _____ () C:\Users\Petr\Downloads\FRST.txt
2014-03-04 18:35 - 2014-03-05 00:39 - 00000000 ____D () C:\FRST
2014-03-04 18:35 - 2014-03-04 18:35 - 02156544 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2014-03-04 18:34 - 2014-03-04 18:34 - 01145344 _____ (Farbar) C:\Users\Petr\Downloads\FRST (1).exe
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 _____ () C:\asc_rdflag
2014-03-02 00:09 - 2014-03-03 11:28 - 00002203 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-03-02 00:09 - 2014-03-02 00:09 - 00002884 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-03-02 00:09 - 2014-03-02 00:09 - 00002848 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_Petr
2014-03-01 17:10 - 2014-03-01 17:10 - 01037734 _____ (Thisisu) C:\Users\Petr\Downloads\JRT.exe
2014-03-01 17:10 - 2014-03-01 17:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-01 17:09 - 2014-03-01 17:09 - 01144320 _____ (Farbar) C:\Users\Petr\Downloads\FRST.exe
2014-03-01 17:04 - 2014-03-01 17:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Petr\Downloads\HijackThis (1).exe
2014-03-01 16:57 - 2014-03-05 00:23 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-03-01 12:39 - 2014-03-01 12:39 - 01244192 _____ () C:\Users\Petr\Downloads\adwcleaner (1).exe
2014-02-28 22:25 - 2014-02-28 22:25 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-02-28 22:25 - 2014-02-28 22:25 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-02-28 22:24 - 2014-02-28 22:24 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2014-02-28 22:24 - 2014-02-28 22:24 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-02-28 22:23 - 2014-02-28 22:23 - 43720192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-02-28 22:23 - 2014-02-28 22:23 - 03791320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-02-28 22:23 - 2014-02-28 22:23 - 02782936 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-02-28 22:23 - 2014-02-28 22:23 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-02-28 22:23 - 2014-02-28 22:23 - 00704269 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-28 22:23 - 2014-02-28 22:23 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-02-28 22:21 - 2014-02-28 22:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-02-28 22:21 - 2014-02-28 22:21 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-28 22:21 - 2014-02-28 22:21 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-28 22:13 - 2014-02-28 22:13 - 15309848 _____ (IObit ) C:\Users\Petr\Downloads\driver_booster_setup.exe
2014-02-28 22:06 - 2014-02-28 22:07 - 62687640 _____ (IObit ) C:\Users\Petr\Downloads\asc-ultimate7-setup.exe
2014-02-28 21:51 - 2014-03-05 00:31 - 00000000 ____D () C:\AdwCleaner
2014-02-28 21:51 - 2014-02-28 21:51 - 01244192 _____ () C:\Users\Petr\Downloads\adwcleaner.exe
2014-02-28 10:23 - 2014-02-28 10:23 - 00000000 ___SD () C:\Users\Petr\Documents\Passwords Database
2014-02-26 12:19 - 2014-02-26 12:19 - 00000000 ____D () C:\Users\Petr\Documents\Epubsoft
2014-02-26 12:19 - 2014-02-26 12:19 - 00000000 ____D () C:\ProgramData\Epubsoft
2014-02-26 12:17 - 2014-02-26 12:17 - 00002789 _____ () C:\Users\Public\Desktop\EPubsoft DRM Removal.lnk
2014-02-26 12:17 - 2014-02-26 12:17 - 00000000 ____D () C:\Program Files (x86)\EPUBSOFT
2014-02-25 22:36 - 2014-02-25 22:36 - 00000956 _____ () C:\Users\Public\Desktop\AMR Player.lnk
2014-02-25 22:36 - 2014-02-25 22:36 - 00000000 ____D () C:\Program Files (x86)\AMR Player
2014-02-25 22:35 - 2014-02-25 22:35 - 02552629 _____ (www.amrplayer.com ) C:\Users\Petr\Downloads\amrplayer_setup.exe
2014-02-25 22:35 - 2014-02-25 22:35 - 02552629 _____ (www.amrplayer.com ) C:\Users\Petr\Downloads\amrplayer_setup (1).exe
2014-02-25 21:55 - 2014-02-28 10:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-25 21:20 - 2014-02-25 21:22 - 193797352 _____ (Kaspersky Lab ZAO) C:\Users\Petr\Downloads\pure13.0.2.558en_5455_trial.exe
2014-02-25 20:20 - 2014-02-25 20:20 - 01581384 _____ (ESET) C:\Users\Petr\Downloads\eset_smart_security_live_installer_.exe
2014-02-25 20:14 - 2014-02-25 20:14 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Malwarebytes
2014-02-25 20:13 - 2014-03-04 21:41 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-25 20:13 - 2014-03-04 21:40 - 00001107 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-25 20:13 - 2014-02-25 20:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-25 20:13 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-25 20:12 - 2014-02-25 20:12 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Petr\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-25 20:09 - 2014-03-04 21:29 - 00016526 _____ () C:\Users\Petr\Downloads\hijackthis.log
2014-02-25 20:07 - 2014-02-25 20:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Petr\Downloads\HijackThis.exe
2014-02-25 19:08 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-25 19:08 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-24 23:27 - 2014-02-24 23:27 - 00001498 _____ () C:\Users\Public\Desktop\Anvi AD Blocker.lnk
2014-02-24 23:27 - 2014-02-24 23:27 - 00001182 _____ () C:\Users\Public\Desktop\Anvi Smart Defender.lnk
2014-02-24 23:27 - 2013-06-09 03:40 - 00019280 _____ () C:\Windows\system32\Drivers\asdnet.sys
2014-02-24 23:26 - 2013-10-15 04:05 - 00023376 _____ (Anvisoft) C:\Windows\system32\Drivers\asdrs.sys
2014-02-24 23:26 - 2013-10-15 04:05 - 00018768 _____ (Anvisoft) C:\Windows\system32\Drivers\asdrm.sys
2014-02-24 23:26 - 2013-10-15 04:05 - 00017232 _____ () C:\Windows\system32\Drivers\asdws.sys
2014-02-21 10:06 - 2014-02-21 10:08 - 00190976 ___SH () C:\Users\Petr\Documents\Thumbs.db
2014-02-18 22:08 - 2014-02-18 22:32 - 26548024 _____ () C:\Users\Petr\Downloads\asdsetup.exe
2014-02-18 13:36 - 2014-02-18 13:36 - 00032080 _____ () C:\Users\Petr\Downloads\index (2).htm
2014-02-18 13:25 - 2014-02-18 13:25 - 00032080 _____ () C:\Users\Petr\Downloads\index.htm
2014-02-18 13:18 - 2014-02-18 13:22 - 00000000 ____D () C:\Users\Petr\Downloads\Free_Internetcam
2014-02-18 13:18 - 2014-02-18 13:18 - 00042189 _____ () C:\Users\Petr\Downloads\Free_Internetcam.zip
2014-02-18 12:51 - 2014-02-18 18:12 - 00000000 ____D () C:\Users\Petr\Downloads\booruWebCam_v1299
2014-02-18 12:51 - 2014-02-18 12:51 - 00137284 _____ () C:\Users\Petr\Downloads\booruWebCam_v1299.zip
2014-02-18 12:27 - 2014-02-18 12:27 - 00000000 ____D () C:\Users\Petr\Documents\Webkamera
2014-02-18 11:56 - 2014-02-18 11:57 - 00921624 _____ () C:\img2-002.raw
2014-02-17 22:27 - 2014-02-17 22:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 13:50 - 2014-02-17 13:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-17 13:50 - 2014-02-17 13:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-17 13:14 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-17 13:14 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-17 13:14 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-17 13:14 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-17 13:14 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-17 13:14 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-17 13:14 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-17 13:14 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-17 13:14 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-17 13:14 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-17 13:14 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-17 13:14 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-17 13:14 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-17 13:14 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-17 13:14 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-17 13:14 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-17 13:13 - 2014-02-17 13:49 - 00000000 ____D () C:\Users\Petr\Downloads\Adobe
2014-02-17 13:12 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-17 13:12 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-13 22:27 - 2014-03-04 23:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-13 22:27 - 2014-03-02 10:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-13 22:27 - 2014-03-02 10:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-13 22:27 - 2014-03-02 10:44 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-13 22:27 - 2014-02-17 22:27 - 00001933 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-13 22:27 - 2014-02-13 22:27 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-02-13 22:27 - 2014-02-13 22:27 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-13 22:06 - 2014-02-24 23:28 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Anvisoft
2014-02-13 22:04 - 2014-02-13 22:05 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-02-13 21:50 - 2014-03-04 09:36 - 00001270 _____ () C:\Users\Public\Desktop\Cloud System Booster.lnk
2014-02-13 21:50 - 2014-02-13 22:04 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-02-13 21:33 - 2014-02-13 21:33 - 00000000 ____D () C:\ProgramData\Razer
2014-02-12 23:08 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 23:08 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 23:07 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 23:07 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 23:07 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 23:07 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 23:07 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 23:07 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 23:07 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 23:07 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 23:07 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 23:07 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 23:07 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 23:07 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 23:07 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 23:07 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 23:07 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 23:07 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 23:07 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 23:07 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 23:07 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 23:07 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 23:07 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 23:07 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 23:07 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 23:07 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 23:07 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 23:07 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 23:07 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 23:07 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 23:07 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 23:07 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 23:07 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 23:07 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 23:07 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 23:07 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 23:07 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 23:07 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 23:07 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 23:07 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 23:07 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 07:57 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 07:57 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 07:57 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 07:57 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 07:57 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 07:57 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 07:57 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 07:57 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 07:57 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 07:57 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 07:57 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:57 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:57 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 07:57 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:57 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 07:57 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:57 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:57 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 07:57 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 07:57 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 07:57 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 07:57 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 07:57 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 07:57 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 07:57 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 07:57 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:57 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 07:57 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-10 13:10 - 2014-02-10 13:10 - 00000000 ____D () C:\Users\Petr\Downloads\com.viber.voip
2014-02-07 18:37 - 2014-02-07 18:37 - 00000000 ____D () C:\Users\Petr\Documents\BLACKBERRY-1351
2014-02-07 18:28 - 2014-02-07 18:28 - 00002227 _____ () C:\Users\Public\Desktop\BlackBerry Link.lnk
2014-02-06 00:51 - 2014-02-06 00:51 - 00000000 ____D () C:\Program Files (x86)\Research In Motion Limited
2014-02-05 20:32 - 2014-02-08 13:08 - 00000000 ____D () C:\Users\Petr\Documents\! BLACKBERRY-1351 Q10
2014-02-05 20:12 - 2014-02-07 18:30 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\XCPCSync.OEM
2014-02-05 19:57 - 2014-02-05 19:57 - 00000000 _____ () C:\Windows\SysWOW64\out.txt
2014-02-05 19:57 - 2014-02-05 19:57 - 00000000 _____ () C:\Windows\SysWOW64\err.txt
2014-02-05 00:18 - 2014-02-17 19:58 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\ViberPC
2014-02-05 00:17 - 2014-02-05 00:17 - 00001060 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2014-02-05 00:17 - 2014-02-05 00:17 - 00001052 _____ () C:\Users\Petr\Desktop\Viber.lnk
2014-02-05 00:16 - 2014-02-17 19:58 - 00000000 ____D () C:\Users\Petr\AppData\Local\Viber
 
==================== One Month Modified Files and Folders =======
 
2014-03-05 00:39 - 2014-03-04 18:35 - 00025890 _____ () C:\Users\Petr\Downloads\FRST.txt
2014-03-05 00:39 - 2014-03-04 18:35 - 00000000 ____D () C:\FRST
2014-03-05 00:38 - 2014-03-05 00:38 - 02156544 _____ (Farbar) C:\Users\Petr\Downloads\FRST64 (1).exe
2014-03-05 00:32 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-05 00:32 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-05 00:31 - 2014-03-05 00:30 - 01244192 _____ () C:\Users\Petr\Downloads\AdwCleaner (4).exe
2014-03-05 00:31 - 2014-02-28 21:51 - 00000000 ____D () C:\AdwCleaner
2014-03-05 00:28 - 2014-03-05 00:28 - 01244192 _____ () C:\Users\Petr\Downloads\AdwCleaner (3).exe
2014-03-05 00:27 - 2010-07-03 11:38 - 01656346 _____ () C:\Windows\WindowsUpdate.log
2014-03-05 00:26 - 2012-07-25 20:16 - 00000000 ____D () C:\Users\Petr\Documents\Outlook Files
2014-03-05 00:26 - 2010-11-11 10:37 - 00000000 ____D () C:\Users\Petr\Documents\Outlook Rodvinovska
2014-03-05 00:25 - 2013-03-17 22:29 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Skype
2014-03-05 00:23 - 2014-03-05 00:23 - 00000356 _____ () C:\Windows\PFRO.log
2014-03-05 00:23 - 2014-03-05 00:23 - 00000168 _____ () C:\Windows\setupact.log
2014-03-05 00:23 - 2014-03-05 00:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-05 00:23 - 2014-03-01 16:57 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-03-05 00:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-05 00:05 - 2014-03-05 00:05 - 01244192 _____ () C:\Users\Petr\Downloads\AdwCleaner (2).exe
2014-03-04 23:28 - 2014-03-04 23:18 - 00000000 ____D () C:\Users\Petr\Desktop\RK_Quarantine
2014-03-04 23:24 - 2014-03-04 23:24 - 00002292 _____ () C:\Users\Petr\Desktop\RKreport[0]_S_03042014_232449.txt
2014-03-04 23:23 - 2014-02-13 22:27 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-04 23:18 - 2014-03-04 23:18 - 04413952 _____ () C:\Users\Petr\Downloads\RogueKillerX64.exe
2014-03-04 23:14 - 2014-03-04 23:13 - 00688992 _____ (Swearware) C:\Users\Petr\Downloads\dds.com
2014-03-04 23:12 - 2014-03-04 23:12 - 00688992 ____R (Swearware) C:\Users\Petr\Downloads\dds.scr
2014-03-04 21:56 - 2013-06-10 20:37 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1531368507-30541634-286873559-1002UA.job
2014-03-04 21:56 - 2013-06-10 20:37 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1531368507-30541634-286873559-1002Core.job
2014-03-04 21:43 - 2013-12-21 12:35 - 00000000 ____D () C:\Users\Petr\Downloads\IObit malware fighter
2014-03-04 21:41 - 2014-02-25 20:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-04 21:40 - 2014-02-25 20:13 - 00001107 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-04 21:39 - 2014-03-04 21:38 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Petr\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-03-04 21:29 - 2014-03-04 21:29 - 00388608 _____ (Trend Micro Inc.) C:\Users\Petr\Downloads\HijackThis (2).exe
2014-03-04 21:29 - 2014-02-25 20:09 - 00016526 _____ () C:\Users\Petr\Downloads\hijackthis.log
2014-03-04 18:36 - 2014-03-04 18:36 - 00043138 _____ () C:\Users\Petr\Downloads\Addition.txt
2014-03-04 18:35 - 2014-03-04 18:35 - 02156544 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2014-03-04 18:34 - 2014-03-04 18:34 - 01145344 _____ (Farbar) C:\Users\Petr\Downloads\FRST (1).exe
2014-03-04 09:41 - 2013-02-25 11:00 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-04 09:36 - 2014-02-13 21:50 - 00001270 _____ () C:\Users\Public\Desktop\Cloud System Booster.lnk
2014-03-04 09:29 - 2014-03-04 09:29 - 00000000 _____ () C:\asc_rdflag
2014-03-04 09:29 - 2013-11-21 22:48 - 86523904 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-03-04 09:29 - 2013-11-21 22:48 - 00253952 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-03-04 09:29 - 2013-11-21 22:48 - 00065536 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-03-04 09:29 - 2013-11-21 22:48 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-03-04 09:29 - 2013-02-25 00:11 - 00000000 ____D () C:\Users\Petr
2014-03-03 11:28 - 2014-03-02 00:09 - 00002203 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-03-03 08:59 - 2013-11-20 20:39 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-02 21:34 - 2009-07-14 06:13 - 00786538 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-02 10:44 - 2014-02-13 22:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-02 10:44 - 2014-02-13 22:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-02 10:44 - 2014-02-13 22:27 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-02 10:44 - 2013-02-25 11:02 - 00000000 ____D () C:\Users\Petr\AppData\Local\Adobe
2014-03-02 00:09 - 2014-03-02 00:09 - 00002884 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-03-02 00:09 - 2014-03-02 00:09 - 00002848 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_Petr
2014-03-02 00:09 - 2013-11-20 20:39 - 00001226 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-03-02 00:08 - 2013-02-28 22:17 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-01 19:09 - 2013-02-25 10:41 - 00000000 ____D () C:\Users\Petr\AppData\Local\Microsoft Help
2014-03-01 17:10 - 2014-03-01 17:10 - 01037734 _____ (Thisisu) C:\Users\Petr\Downloads\JRT.exe
2014-03-01 17:10 - 2014-03-01 17:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-01 17:09 - 2014-03-01 17:09 - 01144320 _____ (Farbar) C:\Users\Petr\Downloads\FRST.exe
2014-03-01 17:04 - 2014-03-01 17:04 - 00388608 _____ (Trend Micro Inc.) C:\Users\Petr\Downloads\HijackThis (1).exe
2014-03-01 12:39 - 2014-03-01 12:39 - 01244192 _____ () C:\Users\Petr\Downloads\adwcleaner (1).exe
2014-02-28 22:25 - 2014-02-28 22:25 - 00888536 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-02-28 22:25 - 2014-02-28 22:25 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-02-28 22:25 - 2014-02-28 22:21 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-02-28 22:25 - 2010-01-05 19:39 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-02-28 22:24 - 2014-02-28 22:24 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll
2014-02-28 22:24 - 2014-02-28 22:24 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-02-28 22:24 - 2010-07-03 11:35 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-02-28 22:23 - 2014-02-28 22:23 - 43720192 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-02-28 22:23 - 2014-02-28 22:23 - 03791320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-02-28 22:23 - 2014-02-28 22:23 - 02782936 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-02-28 22:23 - 2014-02-28 22:23 - 01958616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-02-28 22:23 - 2014-02-28 22:23 - 00704269 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-28 22:23 - 2014-02-28 22:23 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-02-28 22:22 - 2013-11-23 17:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-28 22:21 - 2014-02-28 22:21 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 18310112 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-02-28 22:21 - 2014-02-28 22:21 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-02-28 22:21 - 2014-02-28 22:21 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-02-28 22:21 - 2013-12-13 13:05 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-02-28 22:21 - 2013-09-19 20:40 - 02698272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-02-28 22:21 - 2012-03-07 00:08 - 00023754 _____ () C:\Windows\system32\nvinfo.pb
2014-02-28 22:21 - 2009-09-29 04:38 - 15230352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-02-28 22:21 - 2009-09-29 04:38 - 03071656 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-02-28 22:14 - 2013-12-13 12:55 - 00003212 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-02-28 22:14 - 2013-12-13 12:55 - 00001178 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-02-28 22:13 - 2014-02-28 22:13 - 15309848 _____ (IObit ) C:\Users\Petr\Downloads\driver_booster_setup.exe
2014-02-28 22:07 - 2014-02-28 22:06 - 62687640 _____ (IObit ) C:\Users\Petr\Downloads\asc-ultimate7-setup.exe
2014-02-28 21:51 - 2014-02-28 21:51 - 01244192 _____ () C:\Users\Petr\Downloads\adwcleaner.exe
2014-02-28 21:37 - 2010-11-28 18:51 - 00000000 ____D () C:\Users\Petr\Documents\!aRodvinovska 2013
2014-02-28 10:26 - 2014-02-25 21:55 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-02-28 10:23 - 2014-02-28 10:23 - 00000000 ___SD () C:\Users\Petr\Documents\Passwords Database
2014-02-27 10:37 - 2013-05-03 20:35 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-02-27 10:37 - 2013-05-03 20:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-02-26 12:29 - 2012-08-01 21:07 - 00000000 ____D () C:\Users\Petr\Documents\!Kindle
2014-02-26 12:19 - 2014-02-26 12:19 - 00000000 ____D () C:\Users\Petr\Documents\Epubsoft
2014-02-26 12:19 - 2014-02-26 12:19 - 00000000 ____D () C:\ProgramData\Epubsoft
2014-02-26 12:17 - 2014-02-26 12:17 - 00002789 _____ () C:\Users\Public\Desktop\EPubsoft DRM Removal.lnk
2014-02-26 12:17 - 2014-02-26 12:17 - 00000000 ____D () C:\Program Files (x86)\EPUBSOFT
2014-02-26 05:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-25 22:41 - 2014-01-08 22:50 - 00002515 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-02-25 22:41 - 2013-03-17 22:29 - 00000000 ____D () C:\ProgramData\Skype
2014-02-25 22:36 - 2014-02-25 22:36 - 00000956 _____ () C:\Users\Public\Desktop\AMR Player.lnk
2014-02-25 22:36 - 2014-02-25 22:36 - 00000000 ____D () C:\Program Files (x86)\AMR Player
2014-02-25 22:35 - 2014-02-25 22:35 - 02552629 _____ (www.amrplayer.com ) C:\Users\Petr\Downloads\amrplayer_setup.exe
2014-02-25 22:35 - 2014-02-25 22:35 - 02552629 _____ (www.amrplayer.com ) C:\Users\Petr\Downloads\amrplayer_setup (1).exe
2014-02-25 21:30 - 2013-08-23 22:16 - 00000000 ____D () C:\Users\Petr\Documents\!! GENEALOGIE RODU BÍLKŮ A SEDLÁKŮ
2014-02-25 21:22 - 2014-02-25 21:20 - 193797352 _____ (Kaspersky Lab ZAO) C:\Users\Petr\Downloads\pure13.0.2.558en_5455_trial.exe
2014-02-25 20:20 - 2014-02-25 20:20 - 01581384 _____ (ESET) C:\Users\Petr\Downloads\eset_smart_security_live_installer_.exe
2014-02-25 20:14 - 2014-02-25 20:14 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Malwarebytes
2014-02-25 20:13 - 2014-02-25 20:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-25 20:12 - 2014-02-25 20:12 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Petr\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-25 20:07 - 2014-02-25 20:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Petr\Downloads\HijackThis.exe
2014-02-24 23:28 - 2014-02-13 22:06 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Anvisoft
2014-02-24 23:27 - 2014-02-24 23:27 - 00001498 _____ () C:\Users\Public\Desktop\Anvi AD Blocker.lnk
2014-02-24 23:27 - 2014-02-24 23:27 - 00001182 _____ () C:\Users\Public\Desktop\Anvi Smart Defender.lnk
2014-02-21 10:08 - 2014-02-21 10:06 - 00190976 ___SH () C:\Users\Petr\Documents\Thumbs.db
2014-02-21 10:05 - 2012-06-12 11:04 - 00000000 ____D () C:\Users\Petr\Documents\AXINNOVATION
2014-02-21 10:05 - 2012-06-10 20:45 - 00000000 ____D () C:\Users\Petr\Documents\!ING Konto
2014-02-21 10:05 - 2011-11-19 13:58 - 00000000 ____D () C:\Users\Petr\Documents\!aTrebonska 2013
2014-02-21 10:05 - 2011-10-28 14:59 - 00000000 ____D () C:\Users\Petr\Documents\pki_cs
2014-02-21 10:05 - 2010-11-11 10:57 - 00000000 ____D () C:\Users\Petr\Documents\!PrivatSynchroLeopoldPCMoto 06 04 2009
2014-02-18 22:32 - 2014-02-18 22:08 - 26548024 _____ () C:\Users\Petr\Downloads\asdsetup.exe
2014-02-18 18:12 - 2014-02-18 12:51 - 00000000 ____D () C:\Users\Petr\Downloads\booruWebCam_v1299
2014-02-18 13:36 - 2014-02-18 13:36 - 00032080 _____ () C:\Users\Petr\Downloads\index (2).htm
2014-02-18 13:25 - 2014-02-18 13:25 - 00032080 _____ () C:\Users\Petr\Downloads\index.htm
2014-02-18 13:22 - 2014-02-18 13:18 - 00000000 ____D () C:\Users\Petr\Downloads\Free_Internetcam
2014-02-18 13:18 - 2014-02-18 13:18 - 00042189 _____ () C:\Users\Petr\Downloads\Free_Internetcam.zip
2014-02-18 12:51 - 2014-02-18 12:51 - 00137284 _____ () C:\Users\Petr\Downloads\booruWebCam_v1299.zip
2014-02-18 12:27 - 2014-02-18 12:27 - 00000000 ____D () C:\Users\Petr\Documents\Webkamera
2014-02-18 11:57 - 2014-02-18 11:56 - 00921624 _____ () C:\img2-002.raw
2014-02-17 22:27 - 2014-02-17 22:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-17 22:27 - 2014-02-13 22:27 - 00001933 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-17 19:58 - 2014-02-05 00:18 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\ViberPC
2014-02-17 19:58 - 2014-02-05 00:16 - 00000000 ____D () C:\Users\Petr\AppData\Local\Viber
2014-02-17 13:50 - 2014-02-17 13:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-17 13:50 - 2014-02-17 13:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-17 13:50 - 2013-02-25 10:55 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-17 13:49 - 2014-02-17 13:13 - 00000000 ____D () C:\Users\Petr\Downloads\Adobe
2014-02-17 13:41 - 2013-02-28 23:24 - 00027456 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2014-02-17 13:32 - 2013-02-26 11:08 - 00000000 ____D () C:\Users\Petr\AppData\Local\Windows Live
2014-02-17 00:47 - 2013-07-15 00:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 00:46 - 2013-02-26 11:23 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 22:38 - 2014-01-13 23:10 - 00000000 ____D () C:\Users\Petr\Documents\! ! 2014
2014-02-16 22:15 - 2013-02-25 01:16 - 00000000 ___RD () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-13 22:27 - 2014-02-13 22:27 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-02-13 22:27 - 2014-02-13 22:27 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-13 22:27 - 2013-02-27 16:47 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-02-13 22:18 - 2010-11-11 10:56 - 00000000 ____D () C:\Users\Petr\Documents\! aPRz1 Moto 2010
2014-02-13 22:05 - 2014-02-13 22:04 - 00000000 ____D () C:\ProgramData\Anvisoft
2014-02-13 22:04 - 2014-02-13 21:50 - 00000000 ____D () C:\Program Files (x86)\Anvisoft
2014-02-13 22:02 - 2013-03-01 18:20 - 00000000 ____D () C:\Users\Petr\AppData\Local\CrashDumps
2014-02-13 21:36 - 2010-07-03 11:37 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-13 21:33 - 2014-02-13 21:33 - 00000000 ____D () C:\ProgramData\Razer
2014-02-13 21:33 - 2013-02-28 22:17 - 00000000 ____D () C:\ProgramData\IObit
2014-02-13 11:17 - 2013-03-17 22:29 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-12 23:14 - 2010-07-03 11:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-12 23:11 - 2013-04-09 22:38 - 00770404 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 23:09 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-02-10 13:10 - 2014-02-10 13:10 - 00000000 ____D () C:\Users\Petr\Downloads\com.viber.voip
2014-02-10 11:28 - 2013-02-25 10:59 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-10 11:28 - 2013-02-25 10:59 - 00003692 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-08 15:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-08 13:08 - 2014-02-05 20:32 - 00000000 ____D () C:\Users\Petr\Documents\! BLACKBERRY-1351 Q10
2014-02-07 18:37 - 2014-02-07 18:37 - 00000000 ____D () C:\Users\Petr\Documents\BLACKBERRY-1351
2014-02-07 18:30 - 2014-02-05 20:12 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\XCPCSync.OEM
2014-02-07 18:28 - 2014-02-07 18:28 - 00002227 _____ () C:\Users\Public\Desktop\BlackBerry Link.lnk
2014-02-07 18:28 - 2013-08-08 19:56 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Research In Motion
2014-02-07 18:27 - 2013-02-25 22:53 - 00000000 ____D () C:\Program Files (x86)\Research In Motion
2014-02-06 13:16 - 2014-02-12 23:07 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 23:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 23:07 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 23:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 23:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 23:07 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 23:07 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 23:07 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 23:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 23:07 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 23:07 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 23:07 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 23:07 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 23:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 23:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 23:07 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 23:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 23:07 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 23:07 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 23:07 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 23:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 23:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 23:07 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 23:07 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 23:07 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 23:07 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 23:07 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 23:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 23:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 23:07 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 23:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 23:07 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 23:07 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 23:07 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 23:07 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 23:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 23:07 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 23:07 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-06 00:51 - 2014-02-06 00:51 - 00000000 ____D () C:\Program Files (x86)\Research In Motion Limited
2014-02-05 22:40 - 2009-07-14 06:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-05 20:22 - 2013-02-26 15:22 - 00000000 ____D () C:\Users\Petr\AppData\Local\Research In Motion
2014-02-05 19:57 - 2014-02-05 19:57 - 00000000 _____ () C:\Windows\SysWOW64\out.txt
2014-02-05 19:57 - 2014-02-05 19:57 - 00000000 _____ () C:\Windows\SysWOW64\err.txt
2014-02-05 19:57 - 2013-08-08 19:56 - 00000000 ____D () C:\ProgramData\Research In Motion
2014-02-05 19:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-02-05 00:17 - 2014-02-05 00:17 - 00001060 _____ () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber.lnk
2014-02-05 00:17 - 2014-02-05 00:17 - 00001052 _____ () C:\Users\Petr\Desktop\Viber.lnk
2014-02-04 23:44 - 2013-02-27 16:38 - 00000000 ____D () C:\Users\Petr\Documents\! aPrvt CSC 2013 23 06
2014-02-04 23:40 - 2010-11-11 10:55 - 00000000 ____D () C:\Users\Petr\Documents\Motorola 2010 24 rijen
2014-02-04 23:34 - 2011-12-08 20:41 - 00000000 ____D () C:\Users\Petr\Documents\!aHercikova 2013
 
Some content of TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Petr\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-01 14:17
 
==================== End Of Log ============================

OK.............

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter. (it may look like CF is re-installing but it's not)

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

---------------------------------

Please download OTC to your desktop. (This will clean up most of the tools and logs)

http://oldtimer.geekstogo.com/OTC.exe

Double-click OTC to run it. (Vista and up users, please right click on OTC and select "Run as an Administrator")

Click on the CleanUp! button and follow the prompts.

(If you get a warning from your firewall or other security programs regarding OTC attempting to contact the Internet, please allow the connection.)

You will be asked to reboot the machine to finish the Cleanup process, choose Yes.

After the reboot all the tools we used should be gone.

Note: Some more recently created tools may not yet be removed by OTC. Feel free to manually delete any tools it leaves behind.

Any other programs or logs you can manually delete. (right click.....Delete)

i.e.: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc....AdwCleaner > just run the program and click uninstall.

Note:

If you used FRST and can't delete the quarantine folder:

Download the fixlist.txt to the same folder as FRST.exe.

Run FRST.exe and click Fix only once and wait

That will delete the quarantine folder created by FRST.

The rest you can manually delete.

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again. (PM also found HERE)

Good Luck and Thanks for using the forum, MrC


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.