LOG ZDE -DĚKUJI
Logfile of random's system information tool 1.10 (written by random/random)
Run by jemin at 2016-06-25 06:41:10
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 27 GB (16%) free of 172 GB
Total RAM: 8079 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:41:10, on 25.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Noční obloha\vesmir.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\jemin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [jemin] explorer.exe http://kb-ribaki.org
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Startup: Vesmír na dlani.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 10 HE Licensing Service (ABBYY.Licensing.FineReader.Home.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11459 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe" -service
taskeng.exe {44C46045-B111-4C31-A988-D549EDC0AB24}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
igfxEM.exe
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN42H2G0CM05SZ;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Noční obloha\vesmir.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" http://kb-ribaki.org/
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\jemin\AppData\Local\Steam\htmlcache" -steampid=3656 -buildid=1465948400 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3960 CREDAT:267521 /prefetch:2
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "5697457692030776767-1274102223-1182390594255047680-1180795876212695423357007148
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"
"C:\Fraps\fraps64.dat"
taskeng.exe {92F4F1EF-CEAB-41B8-B2B0-E2AA5CF07D97}
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\WinRAR\WinRAR.exe" "D:\downloader\7m.part1.rar"
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\jemin\Desktop\Nový textový dokument (4).txt
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3960 CREDAT:3151220 /prefetch:2
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
taskmgr.exe /3
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\jemin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-30 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-30 211368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2000-01-01 190536]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13876952]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [2015-10-04 1019904]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-05-17 53130368]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-15 2917456]
"jemin"=explorer.exe http://kb-ribaki.org []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSplay.exe]
D:\GSplay.exe [2015-10-04 4772747]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Killer.lnk]
C:\PROGRA~2\PROGRA~1\PROGRA~1.EXE [2015-10-04 1534976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jemin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\jemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe
Vesmír na dlani.lnk - C:\Program Files (x86)\Noční obloha\vesmir.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 275360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-06-25 06:36:43 ----D---- C:\rsit
2016-06-25 06:36:43 ----D---- C:\Program Files\trend micro
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglv64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvinitx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFR64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvFBC64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispgenco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-06-19 09:07:43 ----D---- C:\Users\jemin\AppData\Roaming\SmartSteamEmu
======List of files/folders modified in the last 1 month======
2016-06-25 06:36:43 ----RD---- C:\Program Files
2016-06-25 06:35:40 ----D---- C:\Windows\temp
2016-06-25 06:28:26 ----D---- C:\Windows\System32
2016-06-25 06:28:26 ----D---- C:\Windows\inf
2016-06-25 06:28:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-25 06:23:23 ----D---- C:\Users\jemin\AppData\Roaming\Skype
2016-06-25 06:22:55 ----D---- C:\Fraps
2016-06-25 06:22:54 ----D---- C:\Windows\system32\Tasks
2016-06-25 06:22:36 ----D---- C:\Windows\system32\drivers
2016-06-25 06:22:34 ----D---- C:\Program Files (x86)\Steam
2016-06-24 21:29:43 ----D---- C:\Windows\system32\config
2016-06-23 19:59:31 ----D---- C:\Windows
2016-06-23 19:58:53 ----D---- C:\Windows\Minidump
2016-06-23 19:58:50 ----D---- C:\Windows\SysWOW64
2016-06-23 19:57:24 ----D---- C:\Windows\system32\DriverStore
2016-06-22 21:05:28 ----SHD---- C:\System Volume Information
2016-06-21 12:37:43 ----D---- C:\Windows\system32\NDF
2016-06-20 01:31:51 ----D---- C:\Windows\system32\catroot2
2016-06-19 20:32:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-06-19 09:06:38 ----D---- C:\Windows\SYSWOW64\directx
2016-06-16 21:42:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-15 22:40:57 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-10 20:28:55 ----D---- C:\Windows\winsxs
2016-06-08 16:20:52 ----SHD---- C:\Windows\Installer
2016-06-08 16:20:52 ----D---- C:\ProgramData\Skype
2016-06-08 16:20:51 ----RD---- C:\Program Files (x86)\Skype
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvapi64.dll
2016-05-28 04:35:46 ----D---- C:\Users\jemin\AppData\Roaming\vlc
2016-05-26 12:06:24 ----D---- C:\Users\jemin\AppData\Roaming\FileZilla
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 DA92FCC0;DA92FCC0; C:\Windows\system32\drivers\DA92FCC0.sys [2015-10-04 478392]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-05-30 50464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-28 283064]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-12-21 3793872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4467928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-03 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2000-01-01 26440]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-06-25 16056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Home.10.0;ABBYY FineReader 10 HE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe [2010-07-21 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-05-02 1165368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-01-13 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-04 169432]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-01-03 214520]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-10-04 785160]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-05-13 2324216]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-15 1518672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-04 432088]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-02-23 1263040]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S2 SlimService;SlimWare Utility Service Launcher; C:\Program Files\SlimService\SlimServiceFactory.exe []
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-10-04 5467920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-13 280696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2015-10-04 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-09 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2015-10-04 64856]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2015-10-04 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2015-10-04 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-10-04 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-10-04 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
po spuštění pc vyskakujou nežádoucí okna v IE
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118266
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: po spuštění pc vyskakujou nežádoucí okna v IE
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: po spuštění pc vyskakujou nežádoucí okna v IE
zdravim, log :
# AdwCleaner v5.200 - Log vytvořen 26/06/2016 v 11:26:33
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-25.3 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (X64)
# Uživatelské jméno : jemin - JEMIN-PC
# Spuštěno z : C:\Users\jemin\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[-] Služba Smazáno : swdumon
***** [ Složky ] *****
[-] Složka Smazáno : C:\ProgramData\SlimWare Utilities, Inc
[#] Složka Smazáno : C:\ProgramData\Application Data\SlimWare Utilities, Inc
[-] Složka Smazáno : C:\Users\Public\Documents\Downloaded Installers
[-] Složka Smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
[-] Složka Smazáno : C:\Users\jemin\AppData\Local\slimware utilities inc
[-] Složka Smazáno : C:\Users\jemin\AppData\Local\Downloaded Installers
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\Windows\SysNative\drivers\swdumon.sys
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč Smazáno : HKCU\Software\874504bdd9dad0ac395b32abc11cd03f
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AniGIF.ucAniGIF
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Klíč Smazáno : HKCU\Software\IM
[-] Klíč Smazáno : HKCU\Software\ImInstaller
[-] Klíč Smazáno : HKCU\Software\Reg\Clean
[-] Klíč Smazáno : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Klíč Smazáno : HKLM\SOFTWARE\ImInstaller
[-] Klíč Smazáno : HKLM\SOFTWARE\Reg\Clean
[-] Klíč Smazáno : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{269073B2-1617-4E64-9894-57937EE6AF9F}C:\program files (x86)\torntv.com\torntv downloader.exe]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{1730FA74-8CF5-46ED-A351-AE24A30D9BBC}C:\program files (x86)\torntv.com\torntv downloader.exe]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Hodnota Smazáno : HKU\S-1-5-21-3158200304-2993081581-1989350980-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [3131 bytů] - [26/06/2016 11:26:33]
C:\AdwCleaner\AdwCleaner[C6].txt - [1024 bytů] - [15/09/2015 12:56:27]
C:\AdwCleaner\AdwCleaner[C7].txt - [3493 bytů] - [02/10/2015 01:09:36]
C:\AdwCleaner\AdwCleaner[R0].txt - [9682 bytů] - [10/05/2014 17:37:37]
C:\AdwCleaner\AdwCleaner[R1].txt - [10333 bytů] - [27/06/2014 12:30:42]
C:\AdwCleaner\AdwCleaner[R2].txt - [4707 bytů] - [11/07/2014 12:26:01]
C:\AdwCleaner\AdwCleaner[R3].txt - [5096 bytů] - [17/08/2014 08:52:23]
C:\AdwCleaner\AdwCleaner[R4].txt - [5038 bytů] - [23/09/2014 16:16:50]
C:\AdwCleaner\AdwCleaner[R5].txt - [9969 bytů] - [21/10/2014 15:49:55]
C:\AdwCleaner\AdwCleaner[R6].txt - [2137 bytů] - [11/11/2014 19:20:09]
C:\AdwCleaner\AdwCleaner[R7].txt - [2764 bytů] - [01/04/2015 11:45:51]
C:\AdwCleaner\AdwCleaner[R8].txt - [13597 bytů] - [09/08/2015 06:45:47]
C:\AdwCleaner\AdwCleaner[S0].txt - [9645 bytů] - [27/06/2014 12:30:53]
C:\AdwCleaner\AdwCleaner[S10].txt - [931 bytů] - [15/09/2015 12:48:53]
C:\AdwCleaner\AdwCleaner[S11].txt - [758 bytů] - [22/09/2015 16:11:56]
C:\AdwCleaner\AdwCleaner[S12].txt - [5276 bytů] - [01/10/2015 18:28:41]
C:\AdwCleaner\AdwCleaner[S13].txt - [3216 bytů] - [01/10/2015 20:38:08]
C:\AdwCleaner\AdwCleaner[S14].txt - [3216 bytů] - [01/10/2015 21:19:45]
C:\AdwCleaner\AdwCleaner[S15].txt - [3216 bytů] - [01/10/2015 21:28:32]
C:\AdwCleaner\AdwCleaner[S16].txt - [3216 bytů] - [01/10/2015 21:32:56]
C:\AdwCleaner\AdwCleaner[S17].txt - [3216 bytů] - [01/10/2015 21:33:58]
C:\AdwCleaner\AdwCleaner[S18].txt - [3216 bytů] - [02/10/2015 01:08:34]
C:\AdwCleaner\AdwCleaner[S19].txt - [887 bytů] - [02/10/2015 19:04:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [9281 bytů] - [11/07/2014 12:39:17]
C:\AdwCleaner\AdwCleaner[S2].txt - [10069 bytů] - [21/10/2014 15:52:40]
C:\AdwCleaner\AdwCleaner[S3].txt - [2066 bytů] - [11/11/2014 19:28:40]
C:\AdwCleaner\AdwCleaner[S4].txt - [11630 bytů] - [09/08/2015 06:53:44]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5113 bytů] ##########
# AdwCleaner v5.200 - Log vytvořen 26/06/2016 v 11:26:33
# Aktualizováno 14/06/2016 by ToolsLib
# Databáze : 2016-06-25.3 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (X64)
# Uživatelské jméno : jemin - JEMIN-PC
# Spuštěno z : C:\Users\jemin\Desktop\adwcleaner_5.200.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
[-] Služba Smazáno : swdumon
***** [ Složky ] *****
[-] Složka Smazáno : C:\ProgramData\SlimWare Utilities, Inc
[#] Složka Smazáno : C:\ProgramData\Application Data\SlimWare Utilities, Inc
[-] Složka Smazáno : C:\Users\Public\Documents\Downloaded Installers
[-] Složka Smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
[-] Složka Smazáno : C:\Users\jemin\AppData\Local\slimware utilities inc
[-] Složka Smazáno : C:\Users\jemin\AppData\Local\Downloaded Installers
***** [ Soubory ] *****
[-] Soubor Smazáno : C:\Windows\SysNative\drivers\swdumon.sys
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč Smazáno : HKCU\Software\874504bdd9dad0ac395b32abc11cd03f
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AniGIF.ucAniGIF
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Klíč Smazáno : HKCU\Software\IM
[-] Klíč Smazáno : HKCU\Software\ImInstaller
[-] Klíč Smazáno : HKCU\Software\Reg\Clean
[-] Klíč Smazáno : HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Klíč Smazáno : HKLM\SOFTWARE\ImInstaller
[-] Klíč Smazáno : HKLM\SOFTWARE\Reg\Clean
[-] Klíč Smazáno : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{269073B2-1617-4E64-9894-57937EE6AF9F}C:\program files (x86)\torntv.com\torntv downloader.exe]
[-] Hodnota Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{1730FA74-8CF5-46ED-A351-AE24A30D9BBC}C:\program files (x86)\torntv.com\torntv downloader.exe]
[-] Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Hodnota Smazáno : HKU\S-1-5-21-3158200304-2993081581-1989350980-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [3131 bytů] - [26/06/2016 11:26:33]
C:\AdwCleaner\AdwCleaner[C6].txt - [1024 bytů] - [15/09/2015 12:56:27]
C:\AdwCleaner\AdwCleaner[C7].txt - [3493 bytů] - [02/10/2015 01:09:36]
C:\AdwCleaner\AdwCleaner[R0].txt - [9682 bytů] - [10/05/2014 17:37:37]
C:\AdwCleaner\AdwCleaner[R1].txt - [10333 bytů] - [27/06/2014 12:30:42]
C:\AdwCleaner\AdwCleaner[R2].txt - [4707 bytů] - [11/07/2014 12:26:01]
C:\AdwCleaner\AdwCleaner[R3].txt - [5096 bytů] - [17/08/2014 08:52:23]
C:\AdwCleaner\AdwCleaner[R4].txt - [5038 bytů] - [23/09/2014 16:16:50]
C:\AdwCleaner\AdwCleaner[R5].txt - [9969 bytů] - [21/10/2014 15:49:55]
C:\AdwCleaner\AdwCleaner[R6].txt - [2137 bytů] - [11/11/2014 19:20:09]
C:\AdwCleaner\AdwCleaner[R7].txt - [2764 bytů] - [01/04/2015 11:45:51]
C:\AdwCleaner\AdwCleaner[R8].txt - [13597 bytů] - [09/08/2015 06:45:47]
C:\AdwCleaner\AdwCleaner[S0].txt - [9645 bytů] - [27/06/2014 12:30:53]
C:\AdwCleaner\AdwCleaner[S10].txt - [931 bytů] - [15/09/2015 12:48:53]
C:\AdwCleaner\AdwCleaner[S11].txt - [758 bytů] - [22/09/2015 16:11:56]
C:\AdwCleaner\AdwCleaner[S12].txt - [5276 bytů] - [01/10/2015 18:28:41]
C:\AdwCleaner\AdwCleaner[S13].txt - [3216 bytů] - [01/10/2015 20:38:08]
C:\AdwCleaner\AdwCleaner[S14].txt - [3216 bytů] - [01/10/2015 21:19:45]
C:\AdwCleaner\AdwCleaner[S15].txt - [3216 bytů] - [01/10/2015 21:28:32]
C:\AdwCleaner\AdwCleaner[S16].txt - [3216 bytů] - [01/10/2015 21:32:56]
C:\AdwCleaner\AdwCleaner[S17].txt - [3216 bytů] - [01/10/2015 21:33:58]
C:\AdwCleaner\AdwCleaner[S18].txt - [3216 bytů] - [02/10/2015 01:08:34]
C:\AdwCleaner\AdwCleaner[S19].txt - [887 bytů] - [02/10/2015 19:04:22]
C:\AdwCleaner\AdwCleaner[S1].txt - [9281 bytů] - [11/07/2014 12:39:17]
C:\AdwCleaner\AdwCleaner[S2].txt - [10069 bytů] - [21/10/2014 15:52:40]
C:\AdwCleaner\AdwCleaner[S3].txt - [2066 bytů] - [11/11/2014 19:28:40]
C:\AdwCleaner\AdwCleaner[S4].txt - [11630 bytů] - [09/08/2015 06:53:44]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5113 bytů] ##########
-
Rudy
- Site Admin
- Příspěvky: 118266
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: po spuštění pc vyskakujou nežádoucí okna v IE
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: po spuštění pc vyskakujou nežádoucí okna v IE
zde :
Logfile of random's system information tool 1.10 (written by random/random)
Run by jemin at 2016-06-26 14:51:01
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 27 GB (16%) free of 172 GB
Total RAM: 8079 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:51:02, on 26.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Fraps\fraps.exe
C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Noční obloha\vesmir.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\jemin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [jemin] explorer.exe http://kb-ribaki.org
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Startup: Vesmír na dlani.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 10 HE Licensing Service (ABBYY.Licensing.FineReader.Home.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11460 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe" -service
taskeng.exe {406B34A8-8FE5-48AF-8F8D-0A9ACA8EE4A4}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\Dwm.exe"
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe"
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
igfxEM.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN42H2G0CM05SZ;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\Noční obloha\vesmir.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "14983544711430238085785190106-1661663652-502861571494175435-1865070341546933726
"C:\Program Files\Internet Explorer\iexplore.exe" http://kb-ribaki.org/
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\jemin\AppData\Local\Steam\htmlcache" -steampid=3964 -buildid=1465948400 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3468 CREDAT:464147 /prefetch:2
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"
"C:\Fraps\fraps64.dat"
taskeng.exe {892CAE0E-3ECD-40EF-9786-4C972A881EBE}
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe" -Xms32m -Xmx128m -jar "E:\FreeRapid-0.9u4\frd.jar"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8007cb4a-a665-4270-bc8a-c644f135ca0c -SystemEventPortName:HostProcess-f3b2072f-8938-43c7-8913-ebc0c6ce7d3d -IoCancelEventPortName:HostProcess-8555b6ba-0304-460c-ad5d-ba011aa11333 -NonStateChangingEventPortName:HostProcess-39ec9768-537d-47b2-bc54-b2b3e59b6b13 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2b09c973-d317-494b-9cdc-ce7a92f584ed -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3468 CREDAT:1447190 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3158200304-2993081581-1989350980-10009_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3158200304-2993081581-1989350980-10009 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\jemin\Documents\RSITx64.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe" /UA 11.0 /DDV 0x0a00
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-30 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-30 211368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2000-01-01 190536]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13876952]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [2015-10-04 1019904]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-05-17 53130368]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-15 2917456]
"jemin"=explorer.exe http://kb-ribaki.org []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSplay.exe]
D:\GSplay.exe [2015-10-04 4772747]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Killer.lnk]
C:\PROGRA~2\PROGRA~1\PROGRA~1.EXE [2015-10-04 1534976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jemin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\jemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe
Vesmír na dlani.lnk - C:\Program Files (x86)\Noční obloha\vesmir.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 275360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-06-26 11:27:06 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2016-06-25 06:36:43 ----D---- C:\rsit
2016-06-25 06:36:43 ----D---- C:\Program Files\trend micro
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglv64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvinitx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFR64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvFBC64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispgenco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-06-19 09:07:43 ----D---- C:\Users\jemin\AppData\Roaming\SmartSteamEmu
======List of files/folders modified in the last 1 month======
2016-06-26 14:49:53 ----D---- C:\Windows\temp
2016-06-26 14:35:41 ----D---- C:\Users\jemin\AppData\Roaming\Skype
2016-06-26 12:59:14 ----D---- C:\Windows\System32
2016-06-26 12:59:14 ----D---- C:\Windows\inf
2016-06-26 12:59:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-26 11:30:09 ----D---- C:\Windows\system32\config
2016-06-26 11:27:25 ----D---- C:\Windows\system32\Tasks
2016-06-26 11:27:25 ----D---- C:\Fraps
2016-06-26 11:27:06 ----D---- C:\Windows\system32\drivers
2016-06-26 11:27:05 ----D---- C:\Program Files (x86)\Steam
2016-06-26 11:26:33 ----D---- C:\AdwCleaner
2016-06-26 11:26:33 ----AD---- C:\ProgramData
2016-06-26 07:32:46 ----SHD---- C:\System Volume Information
2016-06-25 06:36:43 ----RD---- C:\Program Files
2016-06-23 19:59:31 ----D---- C:\Windows
2016-06-23 19:58:53 ----D---- C:\Windows\Minidump
2016-06-23 19:58:50 ----D---- C:\Windows\SysWOW64
2016-06-23 19:57:24 ----D---- C:\Windows\system32\DriverStore
2016-06-21 12:37:43 ----D---- C:\Windows\system32\NDF
2016-06-20 01:31:51 ----D---- C:\Windows\system32\catroot2
2016-06-19 20:32:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-06-19 09:06:38 ----D---- C:\Windows\SYSWOW64\directx
2016-06-16 21:42:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-15 22:40:57 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-10 20:28:55 ----D---- C:\Windows\winsxs
2016-06-08 16:20:52 ----SHD---- C:\Windows\Installer
2016-06-08 16:20:52 ----D---- C:\ProgramData\Skype
2016-06-08 16:20:51 ----RD---- C:\Program Files (x86)\Skype
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvapi64.dll
2016-05-28 04:35:46 ----D---- C:\Users\jemin\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 DA92FCC0;DA92FCC0; C:\Windows\system32\drivers\DA92FCC0.sys [2015-10-04 478392]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-05-30 50464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-28 283064]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-12-21 3793872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4467928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-03 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2000-01-01 26440]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-06-26 16056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Home.10.0;ABBYY FineReader 10 HE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe [2010-07-21 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-05-02 1165368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-01-13 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-04 169432]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-01-03 214520]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-10-04 785160]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-05-13 2324216]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-15 1518672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-04 432088]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-02-23 1263040]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S2 SlimService;SlimWare Utility Service Launcher; C:\Program Files\SlimService\SlimServiceFactory.exe []
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-10-04 5467920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-13 280696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2015-10-04 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-09 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2015-10-04 64856]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2015-10-04 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2015-10-04 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-10-04 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-10-04 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by jemin at 2016-06-26 14:51:01
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 27 GB (16%) free of 172 GB
Total RAM: 8079 MB (68% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:51:02, on 26.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Fraps\fraps.exe
C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Noční obloha\vesmir.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\jemin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll
O3 - Toolbar: Lišta Centrum.cz - {5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [jemin] explorer.exe http://kb-ribaki.org
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Startup: Vesmír na dlani.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 10 HE Licensing Service (ABBYY.Licensing.FineReader.Home.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11460 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe" -service
taskeng.exe {406B34A8-8FE5-48AF-8F8D-0A9ACA8EE4A4}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\Dwm.exe"
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe"
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
igfxEM.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN42H2G0CM05SZ;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\Noční obloha\vesmir.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "14983544711430238085785190106-1661663652-502861571494175435-1865070341546933726
"C:\Program Files\Internet Explorer\iexplore.exe" http://kb-ribaki.org/
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\jemin\AppData\Local\Steam\htmlcache" -steampid=3964 -buildid=1465948400 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3468 CREDAT:464147 /prefetch:2
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"
"C:\Fraps\fraps64.dat"
taskeng.exe {892CAE0E-3ECD-40EF-9786-4C972A881EBE}
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Java\jre7\launch4j-tmp\frd.exe" -Xms32m -Xmx128m -jar "E:\FreeRapid-0.9u4\frd.jar"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-8007cb4a-a665-4270-bc8a-c644f135ca0c -SystemEventPortName:HostProcess-f3b2072f-8938-43c7-8913-ebc0c6ce7d3d -IoCancelEventPortName:HostProcess-8555b6ba-0304-460c-ad5d-ba011aa11333 -NonStateChangingEventPortName:HostProcess-39ec9768-537d-47b2-bc54-b2b3e59b6b13 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2b09c973-d317-494b-9cdc-ce7a92f584ed -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3468 CREDAT:1447190 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3158200304-2993081581-1989350980-10009_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3158200304-2993081581-1989350980-10009 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\jemin\Documents\RSITx64.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe" /UA 11.0 /DDV 0x0a00
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-30 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-30 211368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-24 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{5D9C17C6-093D-43E5-BF3D-4A13D162AB74} - Lišta Centrum.cz - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25 1253144]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-24 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2000-01-01 190536]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13876952]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [2015-10-04 1019904]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-05-17 53130368]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-15 2917456]
"jemin"=explorer.exe http://kb-ribaki.org []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSplay.exe]
D:\GSplay.exe [2015-10-04 4772747]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Killer.lnk]
C:\PROGRA~2\PROGRA~1\PROGRA~1.EXE [2015-10-04 1534976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jemin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\jemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe
Vesmír na dlani.lnk - C:\Program Files (x86)\Noční obloha\vesmir.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 275360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-06-26 11:27:06 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2016-06-25 06:36:43 ----D---- C:\rsit
2016-06-25 06:36:43 ----D---- C:\Program Files\trend micro
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglv64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvinitx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFR64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvFBC64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispgenco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-06-19 09:07:43 ----D---- C:\Users\jemin\AppData\Roaming\SmartSteamEmu
======List of files/folders modified in the last 1 month======
2016-06-26 14:49:53 ----D---- C:\Windows\temp
2016-06-26 14:35:41 ----D---- C:\Users\jemin\AppData\Roaming\Skype
2016-06-26 12:59:14 ----D---- C:\Windows\System32
2016-06-26 12:59:14 ----D---- C:\Windows\inf
2016-06-26 12:59:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-26 11:30:09 ----D---- C:\Windows\system32\config
2016-06-26 11:27:25 ----D---- C:\Windows\system32\Tasks
2016-06-26 11:27:25 ----D---- C:\Fraps
2016-06-26 11:27:06 ----D---- C:\Windows\system32\drivers
2016-06-26 11:27:05 ----D---- C:\Program Files (x86)\Steam
2016-06-26 11:26:33 ----D---- C:\AdwCleaner
2016-06-26 11:26:33 ----AD---- C:\ProgramData
2016-06-26 07:32:46 ----SHD---- C:\System Volume Information
2016-06-25 06:36:43 ----RD---- C:\Program Files
2016-06-23 19:59:31 ----D---- C:\Windows
2016-06-23 19:58:53 ----D---- C:\Windows\Minidump
2016-06-23 19:58:50 ----D---- C:\Windows\SysWOW64
2016-06-23 19:57:24 ----D---- C:\Windows\system32\DriverStore
2016-06-21 12:37:43 ----D---- C:\Windows\system32\NDF
2016-06-20 01:31:51 ----D---- C:\Windows\system32\catroot2
2016-06-19 20:32:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-06-19 09:06:38 ----D---- C:\Windows\SYSWOW64\directx
2016-06-16 21:42:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-15 22:40:57 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-10 20:28:55 ----D---- C:\Windows\winsxs
2016-06-08 16:20:52 ----SHD---- C:\Windows\Installer
2016-06-08 16:20:52 ----D---- C:\ProgramData\Skype
2016-06-08 16:20:51 ----RD---- C:\Program Files (x86)\Skype
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvapi64.dll
2016-05-28 04:35:46 ----D---- C:\Users\jemin\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 DA92FCC0;DA92FCC0; C:\Windows\system32\drivers\DA92FCC0.sys [2015-10-04 478392]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-05-30 50464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-28 283064]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-12-21 3793872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4467928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-03 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2000-01-01 26440]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-06-26 16056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Home.10.0;ABBYY FineReader 10 HE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe [2010-07-21 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-05-02 1165368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-01-13 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-04 169432]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-01-03 214520]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-10-04 785160]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-05-13 2324216]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-15 1518672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-04 432088]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-02-23 1263040]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S2 SlimService;SlimWare Utility Service Launcher; C:\Program Files\SlimService\SlimServiceFactory.exe []
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-10-04 5467920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-13 280696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2015-10-04 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-09 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2015-10-04 64856]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2015-10-04 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2015-10-04 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-10-04 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-10-04 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118266
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: po spuštění pc vyskakujou nežádoucí okna v IE
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Microsoft\BingBar
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"jemin"=-
:services
DA92FCC0
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: po spuštění pc vyskakujou nežádoucí okna v IE
log :
Logfile of random's system information tool 1.10 (written by random/random)
Run by jemin at 2016-06-26 20:06:02
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 32 GB (18%) free of 172 GB
Total RAM: 8079 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:06:04, on 26.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Fraps\fraps.exe
C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Noční obloha\vesmir.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\jemin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Startup: Vesmír na dlani.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 10 HE Licensing Service (ABBYY.Licensing.FineReader.Home.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10666 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe" -service
taskeng.exe {52358D28-6A8D-4DF7-9739-0DE50F62B6C0}
taskeng.exe {8F6F7ECB-B2E2-40DA-B9B7-B444264ED3FF}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe"
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
igfxEM.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-579078189-2139523489-16479180076498549921183004867-179792415-17107891401878088935
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN42H2G0CM05SZ;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\Noční obloha\vesmir.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\jemin\AppData\Local\Steam\htmlcache" -steampid=4884 -buildid=1465948400 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Fraps\fraps64.dat"
taskeng.exe {E31F9087-A2C1-4BB6-A1DC-133A06144D71}
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6180 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6180 CREDAT:1447212 /prefetch:2
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\jemin\Documents\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-30 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-30 211368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2000-01-01 190536]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13876952]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [2015-10-04 1019904]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-05-17 53130368]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-15 2917456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSplay.exe]
D:\GSplay.exe [2015-10-04 4772747]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Killer.lnk]
C:\PROGRA~2\PROGRA~1\PROGRA~1.EXE [2015-10-04 1534976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jemin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\jemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe
Vesmír na dlani.lnk - C:\Program Files (x86)\Noční obloha\vesmir.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 275360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-06-26 19:58:49 ----D---- C:\_OTM
2016-06-26 11:27:06 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2016-06-25 06:36:43 ----D---- C:\rsit
2016-06-25 06:36:43 ----D---- C:\Program Files\trend micro
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglv64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvinitx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFR64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvFBC64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispgenco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-06-19 09:07:43 ----D---- C:\Users\jemin\AppData\Roaming\SmartSteamEmu
======List of files/folders modified in the last 1 month======
2016-06-26 20:05:14 ----D---- C:\Users\jemin\AppData\Roaming\Skype
2016-06-26 20:05:00 ----D---- C:\Windows\temp
2016-06-26 20:04:39 ----D---- C:\Fraps
2016-06-26 20:04:38 ----D---- C:\Windows\system32\Tasks
2016-06-26 20:04:24 ----D---- C:\Program Files (x86)\Steam
2016-06-26 20:04:19 ----D---- C:\Windows\system32\drivers
2016-06-26 19:59:11 ----D---- C:\Windows\Tasks
2016-06-26 19:59:06 ----D---- C:\Program Files (x86)\Microsoft
2016-06-26 19:58:50 ----D---- C:\Program Files (x86)\Google
2016-06-26 12:59:14 ----D---- C:\Windows\System32
2016-06-26 12:59:14 ----D---- C:\Windows\inf
2016-06-26 12:59:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-26 11:30:09 ----D---- C:\Windows\system32\config
2016-06-26 11:26:33 ----D---- C:\AdwCleaner
2016-06-26 11:26:33 ----AD---- C:\ProgramData
2016-06-26 07:32:46 ----SHD---- C:\System Volume Information
2016-06-25 06:36:43 ----RD---- C:\Program Files
2016-06-23 19:59:31 ----D---- C:\Windows
2016-06-23 19:58:53 ----D---- C:\Windows\Minidump
2016-06-23 19:58:50 ----D---- C:\Windows\SysWOW64
2016-06-23 19:57:24 ----D---- C:\Windows\system32\DriverStore
2016-06-21 12:37:43 ----D---- C:\Windows\system32\NDF
2016-06-20 01:31:51 ----D---- C:\Windows\system32\catroot2
2016-06-19 20:32:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-06-19 09:06:38 ----D---- C:\Windows\SYSWOW64\directx
2016-06-16 21:42:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-15 22:40:57 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-10 20:28:55 ----D---- C:\Windows\winsxs
2016-06-08 16:20:52 ----SHD---- C:\Windows\Installer
2016-06-08 16:20:52 ----D---- C:\ProgramData\Skype
2016-06-08 16:20:51 ----RD---- C:\Program Files (x86)\Skype
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvapi64.dll
2016-05-28 04:35:46 ----D---- C:\Users\jemin\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-05-30 50464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-28 283064]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-12-21 3793872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4467928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-03 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2000-01-01 26440]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-06-26 16056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2000-01-01 43976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Home.10.0;ABBYY FineReader 10 HE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe [2010-07-21 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-05-02 1165368]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-01-13 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-01-03 214520]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-10-04 785160]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-05-13 2324216]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-15 1518672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-04 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-04 432088]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-02-23 1263040]
S2 SlimService;SlimWare Utility Service Launcher; C:\Program Files\SlimService\SlimServiceFactory.exe []
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-10-04 5467920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-13 280696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2015-10-04 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-09 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2015-10-04 64856]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2015-10-04 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2015-10-04 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-10-04 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-10-04 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by jemin at 2016-06-26 20:06:02
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 32 GB (18%) free of 172 GB
Total RAM: 8079 MB (67% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:06:04, on 26.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Fraps\fraps.exe
C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Noční obloha\vesmir.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\jemin.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: cenbho32.TCentrumCZBHOObject - {C91BA35D-6516-489F-A203-2992ED9A4132} - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Svátky a výročí] C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe
O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk = ?
O4 - Startup: Vesmír na dlani.lnk = ?
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 10 HE Licensing Service (ABBYY.Licensing.FineReader.Home.10.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SlimWare Utility Service Launcher (SlimService) - Unknown owner - C:\Program Files\SlimService\SlimServiceFactory.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10666 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe" -service
taskeng.exe {52358D28-6A8D-4DF7-9739-0DE50F62B6C0}
taskeng.exe {8F6F7ECB-B2E2-40DA-B9B7-B444264ED3FF}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Fraps\fraps.exe
"C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe"
"C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe" -boot
C:\Windows\Explorer.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
igfxEM.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-579078189-2139523489-16479180076498549921183004867-179792415-17107891401878088935
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN42H2G0CM05SZ:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN42H2G0CM05SZ;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\Noční obloha\vesmir.exe"
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\jemin\AppData\Local\Steam\htmlcache" -steampid=4884 -buildid=1465948400 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Fraps\fraps64.dat"
taskeng.exe {E31F9087-A2C1-4BB6-A1DC-133A06144D71}
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6180 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6180 CREDAT:1447212 /prefetch:2
"C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\jemin\Documents\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\SlimDrivers Startup.job - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe -boot
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-30 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho64.dll [2013-01-23 621016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-30 211368]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C91BA35D-6516-489F-A203-2992ED9A4132}]
Lišta Centrum.cz - pomocný objekt - C:\Program Files (x86)\Centrum Holdings s.r.o\Lišta Centrum.cz\cenbho32.dll [2013-01-23 485848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2000-01-01 190536]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2000-01-01 13876952]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-05-02 2398776]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Svátky a výročí"=C:\Program Files (x86)\OKsoftware\Svátky a výročí\Vyroci.exe [2015-10-04 1019904]
"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-05-17 53130368]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-06-15 2917456]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GSplay.exe]
D:\GSplay.exe [2015-10-04 4772747]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Program Killer.lnk]
C:\PROGRA~2\PROGRA~1\PROGRA~1.EXE [2015-10-04 1534976]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^jemin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk]
C:\PROGRA~2\MYPCBA~1\MYPCBA~1.EXE []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GamePark klient 2.lnk - C:\Program Files\GamePark2\gpcl.exe
C:\Users\jemin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 3520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe
Vesmír na dlani.lnk - C:\Program Files (x86)\Noční obloha\vesmir.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2008-03-18 275360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\26821665.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\31663166.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DA92FCC0.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2016-06-26 19:58:49 ----D---- C:\_OTM
2016-06-26 11:27:06 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2016-06-25 06:36:43 ----D---- C:\rsit
2016-06-25 06:36:43 ----D---- C:\Program Files\trend micro
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvumdshimx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvptxJitCompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvopencl.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglv64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvoglshim64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvinitx.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvIFR64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\NvFBC64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvfatbinaryLoader.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispgenco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvdispco6436839.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuvid.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcuda.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\nvcompiler.dll
2016-06-23 19:56:49 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-06-19 09:07:43 ----D---- C:\Users\jemin\AppData\Roaming\SmartSteamEmu
======List of files/folders modified in the last 1 month======
2016-06-26 20:05:14 ----D---- C:\Users\jemin\AppData\Roaming\Skype
2016-06-26 20:05:00 ----D---- C:\Windows\temp
2016-06-26 20:04:39 ----D---- C:\Fraps
2016-06-26 20:04:38 ----D---- C:\Windows\system32\Tasks
2016-06-26 20:04:24 ----D---- C:\Program Files (x86)\Steam
2016-06-26 20:04:19 ----D---- C:\Windows\system32\drivers
2016-06-26 19:59:11 ----D---- C:\Windows\Tasks
2016-06-26 19:59:06 ----D---- C:\Program Files (x86)\Microsoft
2016-06-26 19:58:50 ----D---- C:\Program Files (x86)\Google
2016-06-26 12:59:14 ----D---- C:\Windows\System32
2016-06-26 12:59:14 ----D---- C:\Windows\inf
2016-06-26 12:59:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-26 11:30:09 ----D---- C:\Windows\system32\config
2016-06-26 11:26:33 ----D---- C:\AdwCleaner
2016-06-26 11:26:33 ----AD---- C:\ProgramData
2016-06-26 07:32:46 ----SHD---- C:\System Volume Information
2016-06-25 06:36:43 ----RD---- C:\Program Files
2016-06-23 19:59:31 ----D---- C:\Windows
2016-06-23 19:58:53 ----D---- C:\Windows\Minidump
2016-06-23 19:58:50 ----D---- C:\Windows\SysWOW64
2016-06-23 19:57:24 ----D---- C:\Windows\system32\DriverStore
2016-06-21 12:37:43 ----D---- C:\Windows\system32\NDF
2016-06-20 01:31:51 ----D---- C:\Windows\system32\catroot2
2016-06-19 20:32:54 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-06-19 09:06:38 ----D---- C:\Windows\SYSWOW64\directx
2016-06-16 21:42:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-15 22:40:57 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-10 20:28:55 ----D---- C:\Windows\winsxs
2016-06-08 16:20:52 ----SHD---- C:\Windows\Installer
2016-06-08 16:20:52 ----D---- C:\ProgramData\Skype
2016-06-08 16:20:51 ----RD---- C:\Program Files (x86)\Skype
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2016-06-03 09:38:10 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvwgf2umx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvd3dumx.dll
2016-06-03 09:38:10 ----A---- C:\Windows\system32\nvapi64.dll
2016-05-28 04:35:46 ----D---- C:\Users\jemin\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 NBVol;Nero Backup Volume Filter Driver; C:\Windows\system32\DRIVERS\NBVol.sys [2011-07-13 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\Windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 15920]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-05-30 50464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-06-28 283064]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-12-21 3793872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2000-01-01 4467928]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-11-03 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-05-02 28216]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-04-14 56384]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-10-25 769168]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2000-01-01 26440]
S1 UsbCharger;UsbCharger; C:\Windows\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 androidusb;ADB Interface Driver; C:\Windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cpuz136;cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-10-13 110336]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys []
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-10-13 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-06-26 16056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2000-01-01 43976]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Home.10.0;ABBYY FineReader 10 HE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\Home\NetworkLicenseServer.exe [2010-07-21 814344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-05-02 1165368]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2016-01-13 319096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-05-02 1881144]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-05-02 2522680]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2016-01-03 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2016-01-03 214520]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-10-04 785160]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-05-13 2324216]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-05-02 3634232]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-06-15 1518672]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-04 169432]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-04 432088]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-02-23 1263040]
S2 SlimService;SlimWare Utility Service Launcher; C:\Program Files\SlimService\SlimServiceFactory.exe []
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-10-04 5467920]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16 270016]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2016-01-13 280696]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2015-10-04 137488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-04 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-09 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2015-10-04 64856]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2015-10-04 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2015-10-04 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2015-10-04 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-10-04 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118266
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: po spuštění pc vyskakujou nežádoucí okna v IE
Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: po spuštění pc vyskakujou nežádoucí okna v IE
je to fuč 
díky za pomoc 
díky za pomoc -
Rudy
- Site Admin
- Příspěvky: 118266
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: po spuštění pc vyskakujou nežádoucí okna v IE
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?