Prosím o prev. kontrolu logu

[jacktenrek]

Prosím po delší době o preventivní kontrolu dekuji



Logfile of random's system information tool 1.10 (written by random/random)
Run by natsof at 2015-06-12 11:00:20
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 11 GB (11%) free of 100 GB
Total RAM: 4608 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:00:29, on 12.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\natsof.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7770 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"
"C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {7499DAA7-B489-4540-A596-F9F16A2B6476}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 49ec0203-10de-4bde-a3b5-4e5657a79e1d 1
\??\C:\Windows\system32\conhost.exe "-15826289171261484262578674080-1563098137-1729573684199457391515587535522103953862
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-431928905-1255694264-323034673465464121-924145947-920936672-722832285-1491376393
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
taskeng.exe {E2CAA9FC-BAE4-4A97-A698-E9214A98CF36}
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1056.0.912374294\186174394" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40,48 --gpu-vendor-id=0x10de --gpu-device-id=0x1282 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.5306 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group17 pct:1h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1056 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="1056.3.1679926376\1618587368" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group17 pct:1h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RememberCertificateErrorDecisions/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=1056 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --channel="1056.10.1183143059\1424427587" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe42_ Global\UsGthrCtrlFltPipeMssGthrPipe42 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 860 864 872 65536 868
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\natsof\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3304812697-3683947080-96099189-1001Core.job - C:\Users\natsof\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3304812697-3683947080-96099189-1001UA.job - C:\Users\natsof\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-06-10 1427648]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-10-14 13672152]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-11 2754704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-18 7451928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnTBMon]
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-04-18 7451928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ComodoFSChrome]
C:\Program Files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\natsof\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_272C2165B992FFAA49564EC6559E6795]
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-04-05 809288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
c:\program files (x86)\nvidia corporation\update core\nvbackend.exe [2015-06-11 2754704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe [2015-03-30 40688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrivDogService]
C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray]
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-06-03 1571696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2014-12-29 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-02 28785280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-19 335232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-05-26 7799576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-06-23 2327248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-07-17 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-07-17 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk]
C:\PROGRA~1\COMODO\GEEKBU~1\launcher.exe [2014-06-24 48848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^natsof^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2009-10-14 517384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^natsof^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk]
C:\PROGRA~2\PDANET~1\PdaNetPC.exe [2014-01-07 1054432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-19 335232]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"VIDC.I420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-06-12 11:00:20 ----D---- C:\rsit
2015-06-12 11:00:20 ----D---- C:\Program Files\trend micro
2015-06-11 07:03:45 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-06-11 06:56:04 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-06-11 06:56:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-11 06:56:03 ----A---- C:\Windows\system32\nvhdap64.dll
2015-06-11 06:56:02 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-11 06:56:02 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-11 06:56:01 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-11 06:56:01 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-11 06:56:01 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-11 06:56:01 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-11 06:56:01 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-11 06:56:01 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-11 06:56:00 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-11 06:55:59 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-11 06:55:59 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-11 06:55:59 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-11 06:55:59 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-11 06:55:59 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-11 06:55:59 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-11 06:55:59 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-11 06:55:59 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-11 06:55:59 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-11 06:55:59 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-11 06:55:58 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-11 06:55:58 ----A---- C:\Windows\system32\nvdispco6435306.dll
2015-06-11 06:55:58 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-11 06:55:57 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-11 06:55:57 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-11 06:55:57 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-11 06:55:57 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-11 06:55:51 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-11 06:55:51 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-11 06:34:34 ----D---- C:\Windows\LastGood
2015-06-11 06:34:06 ----D---- C:\ProgramData\boost_interprocess
2015-06-11 06:34:04 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-11 06:34:04 ----A---- C:\Windows\system32\drivers\nvvad64v.sys

======List of files/folders modified in the last 1 month======

2015-06-12 11:00:29 ----D---- C:\Windows\Prefetch
2015-06-12 11:00:20 ----RD---- C:\Program Files
2015-06-12 10:56:56 ----D---- C:\Users\natsof\AppData\Roaming\TS3Client
2015-06-12 10:56:50 ----D---- C:\Windows\system32\LogFiles
2015-06-12 10:56:48 ----D---- C:\Windows\inf
2015-06-12 10:56:48 ----D---- C:\Windows
2015-06-12 10:56:46 ----D---- C:\Windows\Temp
2015-06-12 10:55:23 ----D---- C:\Program Files (x86)\WarThunder
2015-06-11 08:15:35 ----D---- C:\Windows\system32\config
2015-06-11 07:09:59 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-11 07:09:23 ----SHD---- C:\Windows\Installer
2015-06-11 07:09:22 ----RD---- C:\Program Files (x86)
2015-06-11 07:08:23 ----SHD---- C:\System Volume Information
2015-06-11 07:06:43 ----D---- C:\Windows\System32
2015-06-11 07:06:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-11 07:04:56 ----D---- C:\ProgramData\NVIDIA
2015-06-11 07:04:25 ----D---- C:\Windows\SysWOW64
2015-06-11 07:03:42 ----D---- C:\Windows\system32\catroot
2015-06-11 07:03:41 ----D---- C:\Windows\system32\DriverStore
2015-06-11 07:03:26 ----D---- C:\Windows\system32\drivers
2015-06-11 07:03:17 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2015-06-11 07:01:47 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-11 07:01:39 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-11 06:59:43 ----D---- C:\Program Files\NVIDIA Corporation
2015-06-11 06:59:27 ----D---- C:\Windows\system32\catroot2
2015-06-11 06:58:55 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-11 06:58:54 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-11 06:58:51 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-11 06:58:49 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-06-11 06:58:49 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-11 06:58:49 ----A---- C:\Windows\system32\OpenCL.dll
2015-06-11 06:34:30 ----A---- C:\Windows\system32\nvaudcap64v.dll
2015-06-11 06:34:06 ----HD---- C:\ProgramData
2015-06-11 05:40:14 ----D---- C:\Users\natsof\AppData\Roaming\Skype
2015-06-10 19:39:40 ----D---- C:\ProgramData\Skype
2015-06-08 06:23:30 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-06-05 15:34:24 ----A---- C:\Windows\system32\cmdcsr.dll
2015-06-05 15:34:18 ----A---- C:\Windows\SYSWOW64\guard32.dll
2015-06-05 15:34:15 ----A---- C:\Windows\system32\guard64.dll
2015-06-05 15:33:18 ----A---- C:\Windows\system32\cmdvrt64.dll
2015-06-05 15:32:51 ----A---- C:\Windows\system32\cmdkbd64.dll
2015-06-05 15:31:54 ----A---- C:\Windows\SYSWOW64\cmdvrt32.dll
2015-06-05 15:31:27 ----A---- C:\Windows\SYSWOW64\cmdkbd32.dll
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-03 23:04:55 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04:45 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvshext.dll
2015-05-28 06:15:28 ----A---- C:\Windows\system32\nvcpl.dll
2015-05-26 19:13:15 ----D---- C:\Program Files\SUPERAntiSpyware
2015-05-23 20:16:18 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2014-10-14 244328]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2014-12-29 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-03-15 381440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2014-12-29 199552]
R1 CFRMD;CFRMD; C:\Windows\system32\DRIVERS\CFRMD.sys [2013-05-07 37976]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-06-05 20672]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2015-06-05 797256]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-06-05 45856]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2014-12-29 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-15 283064]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver; C:\Windows\system32\DRIVERS\hmd.sys [2013-10-07 14888]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-06-05 104584]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-10-14 3962840]
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-06-11 195912]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2014-10-14 349416]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-03 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-06-11 46768]
R3 pneteth;PdaNet Broadband; C:\Windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2014-12-29 165888]
S3 abqh2t2m;abqh2t2m; C:\Windows\system32\drivers\abqh2t2m.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-10-07 30232]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 PID_0928;Logitech QuickCam Express(PID_0928); C:\Windows\system32\DRIVERS\LV561V64.SYS [2015-03-13 588952]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-12-29 20992]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2014-12-29 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2014-12-29 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2014-12-29 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-12-29 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2014-12-30 19968]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2014-12-29 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [2010-11-01 14544]
S3 WinUsb;YunOS USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2014-12-29 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CLPSLauncher;COMODO LPS Launcher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2014-06-24 70864]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-06-10 5541960]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-11 1152656]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 191000]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-11 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-11 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-11 937288]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-11 410768]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-06-10 2265792]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-01-01 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-01 1255736]
S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20 268464]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-21 2135232]
S4 GeekBuddyRSP;GeekBuddyRSP Server; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2014-06-23 2327248]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-13 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-13 116648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-03-30 998640]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
S4 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
S4 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
S4 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]

-----------------EOF-----------------

[Márty84]

Zdravim

Jen takova mala technicka. Jak je to s legalitou systemu? Ultimate neni zrovna bezna domaci verze

A ma vubec cenu se logem zabyvat, kdyz prohlidky stejne vetsinou nedotahnete az do konce? Je to pak zbytecna ztrata casu

[jacktenrek]

otazka a: komp není můj ale máti
b: zaručuji zdárný konec

[Márty84]

otazka a: komp není můj ale máti

Ja se ale neptal ci je, jen jestli je system legalni

b: zaručuji zdárný konec

Jestli to nedokoncite, budou dalsi pripadne zadosti ignorovany


Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[jacktenrek]

ok děkuji vypadá to na dlouhou akci

[Márty84]

Jsou tam veci na odstraneni, takze kdyz uz procistit, tak poradne

[jacktenrek]

adwcleaner:

# AdwCleaner v4.206 - Log vytvořen 12/06/2015 v 18:06:32
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-09.1 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x64)
# Uživatelské jméno : natsof - NATSOF-PC
# Spuštěno z : C:\Users\natsof\Downloads\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v41.0.2272.118


-\\ Comodo Dragon v33.1.0.0


*************************

AdwCleaner[R0].txt - [916 bytů] - [22/03/2014 00:11:02]
AdwCleaner[R1].txt - [3384 bytů] - [21/12/2014 00:04:36]
AdwCleaner[R2].txt - [1021 bytů] - [12/06/2015 18:00:03]
AdwCleaner[R3].txt - [1267 bytů] - [12/06/2015 18:04:30]
AdwCleaner[S0].txt - [988 bytů] - [22/03/2014 00:12:48]
AdwCleaner[S1].txt - [3500 bytů] - [21/12/2014 00:06:59]
AdwCleaner[S2].txt - [1186 bytů] - [12/06/2015 18:06:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1244 bytů] ##########

mbam:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12.6.2015
Čas skenování: 18:20:22
Protokol: hh.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.04.05.02
Databáze rootkitů: v2015.06.02.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: natsof

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 531607
Uplynulý čas: 2 hod, 10 min, 30 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 6
PUP.Optional.Softonic.A, C:\ProgramData\COMODO\Cis\Quarantine\data\{217EDA51-0ED3-4FCB-BE06-2F477DDB0204}, , [bf3740283c4eb0866ddf0a45e61b5ea2],
PUP.Optional.Installex, C:\ProgramData\COMODO\Cis\Quarantine\data\{65EAE89C-2AC1-4275-BABA-D04A5A86EE3E}, , [b44213554d3d0e28eb908ff9837e10f0],
PUP.Optional.MultiPlug.A, C:\ProgramData\COMODO\Cis\Quarantine\data\{91645B98-F0C9-4D8C-AAE8-03F870818093}, , [cc2a6602a9e13006d474898bff0357a9],
PUP.Optional.Softonic.A, C:\ProgramData\COMODO\Cis\Quarantine\data\{96DB6423-FD2A-4514-9ACF-56077D60DDD0}, , [a05647214c3e3bfb6ce00e41837eca36],
PUP.Optional.Installex, C:\ProgramData\COMODO\Cis\Quarantine\data\{ED9FFB08-868A-4681-AB36-704FF7B205E3}, , [599d2741f89220163abeb7dab44d758b],
Trojan.Agent.W, C:\Windows\Setup\SCRIPTS\Windows7Loader.exe, , [e511c5a39ded1422eb70acf23acbbd43],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Nejak jste se vyhnul odpovedi na tu legalitu, nicmene log to uz prozradil za vas


Pravidla fora hovori jasne http://forum.viry.cz/viewtopic.php?f=12&t=115512

Pomáhat NELZE:
2) Pokud stroj uživatele prokazatelně obsahuje nelegální hostitelský čí ochranný software
(operační systém, antivir, firewall, atd.), je nutné navést uživatele k nápravě, např. skrze neplacený software,
a začít řešit, až v době kdy je PC "v pořádku". V případě že uživatel nechce na pravidla přistoupit,
je nutné jej vyzvat ať fórum opustí, a vrátí se až je splní.

[jacktenrek]

tož ok vidím to taky .. co nadělám .. i tak dík nejak to dopadne

[Márty84]

Tak psal jste, ze jde jen o preventivku, tak to snad bude OK.

Pokud to v pc jeste je, odinstalujte vse od IObit a Spybota.

Odinstalujte i MBAM

Najdete a smazte tyto soubory:
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3304812697-3683947080-96099189-1001Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3304812697-3683947080-96099189-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job


Pouzijte DelFix, Ccleaner a Defraggler

Vic poradit nemuzu.

Nemate zac!

Mejte se a treba zase nekdy