Logfile of random's system information tool 1.10 (written by random/random)
Run by doma at 2016-02-13 16:19:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 31 GB (11%) free of 296 GB
Total RAM: 3063 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:20:13, on 13.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\GWX\GWX.exe
C:\ProgramData\1a0254e4-d458-47fa-82a0-6940ee729f6c\plugins\7\plugin.exe
C:\ProgramData\1a0254e4-d458-47fa-82a0-6940ee729f6c\plugins\3\plugin.exe
C:\ProgramData\1a0254e4-d458-47fa-82a0-6940ee729f6c\plugins\12\plugin.exe
C:\Users\doma\Desktop\RSIT.exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h ... dRAm0DQFxN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h ... dRAm0DQFxN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Sonic Train - {0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc} - C:\Program Files\Sonic Train\Extensions\0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc.dll
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Service Mgr SonicTrain - Unknown owner - C:\ProgramData\1a0254e4-d458-47fa-82a0-6940ee729f6c\plugincontainer.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Update Mgr SonicTrain - Unknown owner - C:\Program Files\Common Files\1a0254e4-d458-47fa-82a0-6940ee729f6c\updater.exe
--
End of file - 5070 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}]
Sonic Train - C:\Program Files\Sonic Train\Extensions\0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc.dll [2015-10-27 145608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2585744]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"cz.seznam.software.autoupdate"=C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-02-13 16:19:58 ----D---- C:\rsit
2016-02-13 16:19:58 ----D---- C:\Program Files\trend micro
2016-02-12 19:28:02 ----A---- C:\Windows\system32\appraiser.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\invagent.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\generaltel.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\devinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-12 19:28:01 ----A---- C:\Windows\system32\aeinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\acmigration.dll
2016-02-12 19:27:51 ----A---- C:\Windows\system32\ole32.dll
2016-02-12 19:27:28 ----A---- C:\Windows\system32\shell32.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\authui.dll
2016-02-12 19:27:27 ----A---- C:\Windows\explorer.exe
2016-02-12 19:27:11 ----A---- C:\Windows\system32\InkEd.dll
2016-02-12 19:27:10 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-12 19:27:09 ----A---- C:\Windows\system32\win32k.sys
2016-02-12 19:27:07 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-12 19:27:03 ----A---- C:\Windows\system32\ntdll.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\EncDec.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-12 19:27:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\msorcl32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\kernel32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\advapi32.dll
2016-02-12 19:27:00 ----A---- C:\Windows\system32\kerberos.dll
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\winsrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\conhost.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\wdigest.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\sspicli.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\srcore.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\smss.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\schannel.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\srclient.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\secur32.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\rstrui.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\lsass.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\credssp.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\auditpol.exe
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msobjs.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msaudite.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\adtschema.dll
2016-02-12 19:26:35 ----A---- C:\Windows\system32\urlmon.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieui.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieframe.dll
2016-02-12 19:26:33 ----A---- C:\Windows\system32\mshtml.dll
2016-02-12 19:26:32 ----A---- C:\Windows\system32\iertutil.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\occache.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iernonce.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-12 19:26:22 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\inseng.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\webcheck.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\msrating.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\iesetup.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\wininet.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-12 19:26:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-12 19:26:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-12 19:26:14 ----A---- C:\Windows\system32\jscript9.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\vbscript.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\jscript.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wucltux.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuapi.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups2.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wudriver.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuapp.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-01-23 18:13:07 ----D---- C:\Program Files\Movie Maker 2.6
2016-01-15 16:43:05 ----A---- C:\Windows\system32\aepic.dll
2016-01-15 16:43:04 ----A---- C:\Windows\system32\gdi32.dll
2016-01-15 16:43:03 ----A---- C:\Windows\system32\qedit.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\mapistub.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\mapi32.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-15 16:43:00 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-15 16:43:00 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\mf.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\quartz.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\qdvd.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\mfplat.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\mcmde.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\evr.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\devenum.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-15 16:42:57 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\qasf.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\mfps.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-15 16:42:56 ----A---- C:\Windows\system32\mferror.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\ksuser.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\drmk.sys
======List of files/folders modified in the last 1 month======
2016-02-13 16:20:09 ----D---- C:\Windows\Prefetch
2016-02-13 16:19:59 ----D---- C:\Windows\Temp
2016-02-13 16:19:58 ----RD---- C:\Program Files
2016-02-13 16:06:05 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2016-02-13 14:52:20 ----D---- C:\ProgramData\1a0254e4-d458-47fa-82a0-6940ee729f6c
2016-02-13 13:47:16 ----D---- C:\Program Files\Common Files\1a0254e4-d458-47fa-82a0-6940ee729f6c
2016-02-13 10:48:56 ----D---- C:\Windows\Microsoft.NET
2016-02-13 10:47:11 ----RSD---- C:\Windows\assembly
2016-02-13 10:46:40 ----D---- C:\Windows\System32
2016-02-13 10:46:40 ----D---- C:\Windows\inf
2016-02-13 10:46:40 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-13 10:45:37 ----D---- C:\Users\doma\AppData\Roaming\Seznam.cz
2016-02-13 10:40:25 ----D---- C:\Windows\winsxs
2016-02-13 10:40:25 ----D---- C:\Windows\system32\config
2016-02-13 10:39:48 ----D---- C:\ProgramData\NVIDIA
2016-02-13 10:38:29 ----SD---- C:\Windows\system32\CompatTel
2016-02-13 10:38:28 ----D---- C:\Windows\system32\appraiser
2016-02-13 10:38:28 ----D---- C:\Windows\AppPatch
2016-02-13 10:38:27 ----D---- C:\Windows\system32\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Windows\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Windows
2016-02-13 10:38:27 ----D---- C:\Program Files\Windows Journal
2016-02-13 10:38:26 ----D---- C:\Windows\system32\drivers
2016-02-13 10:38:23 ----D---- C:\Windows\system32\en-US
2016-02-13 10:38:23 ----D---- C:\Program Files\Internet Explorer
2016-02-13 01:12:16 ----SHD---- C:\Windows\Installer
2016-02-13 01:08:27 ----D---- C:\Windows\system32\MRT
2016-02-13 01:08:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-13 01:05:28 ----SHD---- C:\System Volume Information
2016-02-12 19:24:05 ----D---- C:\Windows\system32\catroot2
2016-02-09 19:34:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-02-05 17:23:49 ----D---- C:\Windows\Tasks
2016-02-05 16:57:55 ----D---- C:\Windows\system32\Tasks
2016-02-05 16:57:55 ----D---- C:\Program Files\Opera
2016-01-16 13:45:03 ----D---- C:\Windows\rescache
2016-01-16 09:12:25 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-27 25016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2015-08-18 162592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2015-08-18 32912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2015-10-27 13368]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 915600]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1706128]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 670512]
R2 Service Mgr SonicTrain;Service Mgr SonicTrain; C:\ProgramData\1a0254e4-d458-47fa-82a0-6940ee729f6c\plugincontainer.exe [2016-02-13 1401056]
R2 ssinstall;SInstalátor; C:\Windows\System32\ssins.exe [2015-12-05 2324216]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R2 Update Mgr SonicTrain;Update Mgr SonicTrain; C:\Program Files\Common Files\1a0254e4-d458-47fa-82a0-6940ee729f6c\updater.exe [2016-02-13 1272544]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 102912]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
# AdwCleaner v5.035 - Logfile created 19/02/2016 at 21:01:10
# Updated 18/02/2016 by Xplode
# Database : 2016-02-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : doma - DOMA-PC
# Running from : C:\Users\doma\Downloads\adwcleaner_5.035.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Sonic Train
***** [ Files ] *****
[-] File Deleted : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
[-] File Deleted : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9D94A729-4EFA-4D30-B6C6-7B7BEFAF6985}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{920D90DA-DF4C-4891-B1E4-6EBC87CB924D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sonic Train
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sonic Train
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1810 bytes] ##########
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu časté reklamy děkuji
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Děkujeme za pochopení.
prosím o kontrolu časté reklamy děkuji
Naposledy upravil(a) ardej dne 19 úno 2016 21:43, celkem upraveno 1 x.
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu časté reklamy děkuji
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu časté reklamy děkuji AdwCleaner
-----------------EOF-----------------
# AdwCleaner v5.035 - Logfile created 19/02/2016 at 21:01:10
# Updated 18/02/2016 by Xplode
# Database : 2016-02-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : doma - DOMA-PC
# Running from : C:\Users\doma\Downloads\adwcleaner_5.035.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Sonic Train
***** [ Files ] *****
[-] File Deleted : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
[-] File Deleted : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9D94A729-4EFA-4D30-B6C6-7B7BEFAF6985}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{920D90DA-DF4C-4891-B1E4-6EBC87CB924D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sonic Train
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sonic Train
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1810 bytes] ##########
# AdwCleaner v5.035 - Logfile created 19/02/2016 at 21:01:10
# Updated 18/02/2016 by Xplode
# Database : 2016-02-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : doma - DOMA-PC
# Running from : C:\Users\doma\Downloads\adwcleaner_5.035.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Sonic Train
***** [ Files ] *****
[-] File Deleted : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
[-] File Deleted : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9D94A729-4EFA-4D30-B6C6-7B7BEFAF6985}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{920D90DA-DF4C-4891-B1E4-6EBC87CB924D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0c3ddfb7-4cdb-495b-b3e9-d59725b43dfc}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sonic Train
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sonic Train
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1810 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu časté reklamy děkuji
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu časté reklamy děkuji thx
Logfile of random's system information tool 1.10 (written by random/random)
Run by doma at 2016-02-21 20:38:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 52 GB (18%) free of 296 GB
Total RAM: 3063 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:47, on 21.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\doma\Downloads\RSIT (2).exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 4064 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2585744]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"cz.seznam.software.autoupdate"=C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2016-02-21 20:34:50 ----D---- C:\Users\doma\AppData\Roaming\Adobe
2016-02-15 04:07:02 ----D---- C:\AdwCleaner
2016-02-13 16:19:58 ----D---- C:\rsit
2016-02-13 16:19:58 ----D---- C:\Program Files\trend micro
2016-02-12 19:28:02 ----A---- C:\Windows\system32\appraiser.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\invagent.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\generaltel.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\devinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-12 19:28:01 ----A---- C:\Windows\system32\aeinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\acmigration.dll
2016-02-12 19:27:51 ----A---- C:\Windows\system32\ole32.dll
2016-02-12 19:27:28 ----A---- C:\Windows\system32\shell32.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\authui.dll
2016-02-12 19:27:27 ----A---- C:\Windows\explorer.exe
2016-02-12 19:27:11 ----A---- C:\Windows\system32\InkEd.dll
2016-02-12 19:27:10 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-12 19:27:09 ----A---- C:\Windows\system32\win32k.sys
2016-02-12 19:27:07 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-12 19:27:03 ----A---- C:\Windows\system32\ntdll.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\EncDec.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-12 19:27:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\msorcl32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\kernel32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\advapi32.dll
2016-02-12 19:27:00 ----A---- C:\Windows\system32\kerberos.dll
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\winsrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\conhost.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\wdigest.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\sspicli.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\srcore.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\smss.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\schannel.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\srclient.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\secur32.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\rstrui.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\lsass.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\credssp.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\auditpol.exe
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msobjs.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msaudite.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\adtschema.dll
2016-02-12 19:26:35 ----A---- C:\Windows\system32\urlmon.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieui.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieframe.dll
2016-02-12 19:26:33 ----A---- C:\Windows\system32\mshtml.dll
2016-02-12 19:26:32 ----A---- C:\Windows\system32\iertutil.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\occache.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iernonce.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-12 19:26:22 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\inseng.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\webcheck.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\msrating.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\iesetup.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\wininet.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-12 19:26:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-12 19:26:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-12 19:26:14 ----A---- C:\Windows\system32\jscript9.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\vbscript.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\jscript.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wucltux.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuapi.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups2.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wudriver.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuapp.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-01-23 18:13:07 ----D---- C:\Program Files\Movie Maker 2.6
2016-01-15 16:43:05 ----A---- C:\Windows\system32\aepic.dll
2016-01-15 16:43:04 ----A---- C:\Windows\system32\gdi32.dll
2016-01-15 16:43:03 ----A---- C:\Windows\system32\qedit.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\mapistub.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\mapi32.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-15 16:43:00 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-15 16:43:00 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\mf.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\quartz.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\qdvd.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\mfplat.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\mcmde.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\evr.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\devenum.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-15 16:42:57 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\qasf.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\mfps.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-15 16:42:56 ----A---- C:\Windows\system32\mferror.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\ksuser.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\drmk.sys
2015-12-18 21:04:25 ----D---- C:\Program Files\CPUID
2015-12-18 16:16:04 ----D---- C:\Program Files\WoW Cata
2015-12-13 18:42:01 ----D---- C:\Users\doma\AppData\Roaming\Battle.net
2015-12-12 23:59:26 ----D---- C:\Users\doma\AppData\Roaming\NVIDIA
2015-12-12 23:59:12 ----D---- C:\ProgramData\Blizzard Entertainment
2015-12-12 23:57:46 ----D---- C:\ProgramData\Battle.net
2015-12-12 23:56:32 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2015-12-10 15:34:29 ----A---- C:\Windows\system32\user32.dll
2015-12-10 15:34:29 ----A---- C:\Windows\system32\FntCache.dll
2015-12-10 15:34:29 ----A---- C:\Windows\system32\DWrite.dll
2015-12-10 15:34:28 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-10 15:34:28 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-10 15:34:01 ----A---- C:\Windows\system32\tzres.dll
2015-12-10 15:33:55 ----A---- C:\Windows\system32\els.dll
2015-12-10 15:33:53 ----A---- C:\Windows\system32\nlsbres.dll
2015-12-10 15:33:53 ----A---- C:\Windows\system32\kbdgeoqw.dll
2015-12-10 15:33:53 ----A---- C:\Windows\system32\KBDAZEL.DLL
2015-12-10 15:33:53 ----A---- C:\Windows\system32\KBDAZE.DLL
2015-12-10 15:33:48 ----A---- C:\Windows\system32\usp10.dll
2015-12-10 15:33:47 ----A---- C:\Windows\system32\wshrm.dll
2015-12-10 15:33:47 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-05 19:52:40 ----D---- C:\Users\doma\AppData\Roaming\WinRAR
2015-12-05 19:51:19 ----D---- C:\Program Files\WinRAR
2015-12-05 19:51:18 ----A---- C:\Windows\system32\ssinstall-uninstall.bat
2015-12-05 19:51:16 ----A---- C:\Windows\system32\ssins.exe
2015-12-05 19:48:04 ----D---- C:\Users\doma\AppData\Roaming\AVS4YOU
2015-12-05 19:47:10 ----D---- C:\ProgramData\AVS4YOU
2015-12-05 19:46:41 ----A---- C:\Windows\system32\msvcp70.dll
2015-12-05 19:46:40 ----A---- C:\Windows\system32\msxml3a.dll
2015-12-05 19:46:40 ----A---- C:\Windows\system32\mfc70.dll
2015-12-05 19:46:40 ----A---- C:\Windows\system32\GdiPlus.dll
2015-12-05 19:46:33 ----D---- C:\Program Files\Common Files\AVSMedia
2015-12-05 19:46:33 ----D---- C:\Program Files\AVS4YOU
======List of files/folders modified in the last 3 months======
2016-02-21 20:38:45 ----D---- C:\Windows\Prefetch
2016-02-21 20:38:34 ----D---- C:\Windows\Temp
2016-02-21 18:50:30 ----D---- C:\Windows\system32\config
2016-02-21 18:46:11 ----D---- C:\Windows\System32
2016-02-21 18:46:11 ----D---- C:\Windows\inf
2016-02-21 18:46:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-21 18:45:14 ----D---- C:\Users\doma\AppData\Roaming\Seznam.cz
2016-02-21 18:39:56 ----D---- C:\ProgramData\NVIDIA
2016-02-19 21:01:25 ----D---- C:\Windows\system32\catroot2
2016-02-19 21:01:10 ----RD---- C:\Program Files
2016-02-19 11:41:37 ----SHD---- C:\System Volume Information
2016-02-19 11:21:08 ----D---- C:\Windows\system32\Tasks
2016-02-19 11:21:08 ----D---- C:\Program Files\Opera
2016-02-15 04:10:14 ----D---- C:\Windows\system32\drivers
2016-02-15 04:10:12 ----HD---- C:\ProgramData
2016-02-15 04:10:12 ----D---- C:\Program Files\Common Files
2016-02-14 21:05:11 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2016-02-13 17:20:24 ----D---- C:\Windows\rescache
2016-02-13 10:48:56 ----D---- C:\Windows\Microsoft.NET
2016-02-13 10:47:11 ----RSD---- C:\Windows\assembly
2016-02-13 10:40:25 ----D---- C:\Windows\winsxs
2016-02-13 10:38:29 ----SD---- C:\Windows\system32\CompatTel
2016-02-13 10:38:28 ----D---- C:\Windows\system32\appraiser
2016-02-13 10:38:28 ----D---- C:\Windows\AppPatch
2016-02-13 10:38:27 ----D---- C:\Windows\system32\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Windows\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Windows
2016-02-13 10:38:27 ----D---- C:\Program Files\Windows Journal
2016-02-13 10:38:23 ----D---- C:\Windows\system32\en-US
2016-02-13 10:38:23 ----D---- C:\Program Files\Internet Explorer
2016-02-13 01:12:16 ----SHD---- C:\Windows\Installer
2016-02-13 01:11:50 ----D---- C:\Windows\system32\MRT
2016-02-13 01:08:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 19:34:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-02-05 17:23:49 ----D---- C:\Windows\Tasks
2016-01-16 09:12:25 ----D---- C:\Windows\system32\DriverStore
2015-12-28 11:07:23 ----D---- C:\Windows\system32\wdi
2015-12-19 00:30:57 ----SD---- C:\ProgramData\Microsoft
2015-12-19 00:29:40 ----SD---- C:\Windows\system32\GWX
2015-12-12 20:58:43 ----D---- C:\Program Files\Steam
2015-12-11 09:06:41 ----D---- C:\Windows\ehome
2015-12-11 09:06:36 ----RSD---- C:\Windows\Fonts
2015-12-09 04:39:28 ----N---- C:\Windows\system32\MpSigStub.exe
2015-11-22 09:34:36 ----D---- C:\ProgramData\NVIDIA Corporation
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-27 25016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2015-08-18 162592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2015-08-18 32912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 915600]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1706128]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 670512]
R2 ssinstall;SInstalátor; C:\Windows\System32\ssins.exe [2015-12-05 2324216]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 102912]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by doma at 2016-02-21 20:38:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 52 GB (18%) free of 296 GB
Total RAM: 3063 MB (53% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:47, on 21.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\doma\Downloads\RSIT (2).exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 4064 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2585744]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 981688]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"cz.seznam.software.autoupdate"=C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2016-02-21 20:34:50 ----D---- C:\Users\doma\AppData\Roaming\Adobe
2016-02-15 04:07:02 ----D---- C:\AdwCleaner
2016-02-13 16:19:58 ----D---- C:\rsit
2016-02-13 16:19:58 ----D---- C:\Program Files\trend micro
2016-02-12 19:28:02 ----A---- C:\Windows\system32\appraiser.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\invagent.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\generaltel.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\devinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-12 19:28:01 ----A---- C:\Windows\system32\aeinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\acmigration.dll
2016-02-12 19:27:51 ----A---- C:\Windows\system32\ole32.dll
2016-02-12 19:27:28 ----A---- C:\Windows\system32\shell32.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\authui.dll
2016-02-12 19:27:27 ----A---- C:\Windows\explorer.exe
2016-02-12 19:27:11 ----A---- C:\Windows\system32\InkEd.dll
2016-02-12 19:27:10 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-12 19:27:09 ----A---- C:\Windows\system32\win32k.sys
2016-02-12 19:27:07 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-12 19:27:03 ----A---- C:\Windows\system32\ntdll.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\EncDec.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-12 19:27:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\msorcl32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\kernel32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\advapi32.dll
2016-02-12 19:27:00 ----A---- C:\Windows\system32\kerberos.dll
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\winsrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\conhost.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\wdigest.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\sspicli.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\srcore.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\smss.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\schannel.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\srclient.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\secur32.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\rstrui.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\lsass.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\credssp.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\auditpol.exe
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msobjs.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msaudite.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\adtschema.dll
2016-02-12 19:26:35 ----A---- C:\Windows\system32\urlmon.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieui.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieframe.dll
2016-02-12 19:26:33 ----A---- C:\Windows\system32\mshtml.dll
2016-02-12 19:26:32 ----A---- C:\Windows\system32\iertutil.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\occache.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iernonce.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-12 19:26:22 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\inseng.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\webcheck.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\msrating.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\iesetup.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\wininet.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-12 19:26:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-12 19:26:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-12 19:26:14 ----A---- C:\Windows\system32\jscript9.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\vbscript.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\jscript.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wucltux.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuapi.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups2.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wudriver.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuapp.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-01-23 18:13:07 ----D---- C:\Program Files\Movie Maker 2.6
2016-01-15 16:43:05 ----A---- C:\Windows\system32\aepic.dll
2016-01-15 16:43:04 ----A---- C:\Windows\system32\gdi32.dll
2016-01-15 16:43:03 ----A---- C:\Windows\system32\qedit.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\mapistub.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\mapi32.dll
2016-01-15 16:43:01 ----A---- C:\Windows\system32\fixmapi.exe
2016-01-15 16:43:00 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-15 16:43:00 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\wmpmde.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-15 16:42:59 ----A---- C:\Windows\system32\mf.dll
2016-01-15 16:42:59 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\quartz.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\qdvd.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-15 16:42:58 ----A---- C:\Windows\system32\mfplat.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\mcmde.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\evr.dll
2016-01-15 16:42:58 ----A---- C:\Windows\system32\devenum.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\SysFxUI.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\rrinstaller.exe
2016-01-15 16:42:57 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\qasf.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-15 16:42:57 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-15 16:42:57 ----A---- C:\Windows\system32\mfps.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\mfpmp.exe
2016-01-15 16:42:56 ----A---- C:\Windows\system32\mferror.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\ksuser.dll
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\portcls.sys
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2016-01-15 16:42:56 ----A---- C:\Windows\system32\drivers\drmk.sys
2015-12-18 21:04:25 ----D---- C:\Program Files\CPUID
2015-12-18 16:16:04 ----D---- C:\Program Files\WoW Cata
2015-12-13 18:42:01 ----D---- C:\Users\doma\AppData\Roaming\Battle.net
2015-12-12 23:59:26 ----D---- C:\Users\doma\AppData\Roaming\NVIDIA
2015-12-12 23:59:12 ----D---- C:\ProgramData\Blizzard Entertainment
2015-12-12 23:57:46 ----D---- C:\ProgramData\Battle.net
2015-12-12 23:56:32 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2015-12-10 15:34:29 ----A---- C:\Windows\system32\user32.dll
2015-12-10 15:34:29 ----A---- C:\Windows\system32\FntCache.dll
2015-12-10 15:34:29 ----A---- C:\Windows\system32\DWrite.dll
2015-12-10 15:34:28 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-10 15:34:28 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-10 15:34:01 ----A---- C:\Windows\system32\tzres.dll
2015-12-10 15:33:55 ----A---- C:\Windows\system32\els.dll
2015-12-10 15:33:53 ----A---- C:\Windows\system32\nlsbres.dll
2015-12-10 15:33:53 ----A---- C:\Windows\system32\kbdgeoqw.dll
2015-12-10 15:33:53 ----A---- C:\Windows\system32\KBDAZEL.DLL
2015-12-10 15:33:53 ----A---- C:\Windows\system32\KBDAZE.DLL
2015-12-10 15:33:48 ----A---- C:\Windows\system32\usp10.dll
2015-12-10 15:33:47 ----A---- C:\Windows\system32\wshrm.dll
2015-12-10 15:33:47 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-05 19:52:40 ----D---- C:\Users\doma\AppData\Roaming\WinRAR
2015-12-05 19:51:19 ----D---- C:\Program Files\WinRAR
2015-12-05 19:51:18 ----A---- C:\Windows\system32\ssinstall-uninstall.bat
2015-12-05 19:51:16 ----A---- C:\Windows\system32\ssins.exe
2015-12-05 19:48:04 ----D---- C:\Users\doma\AppData\Roaming\AVS4YOU
2015-12-05 19:47:10 ----D---- C:\ProgramData\AVS4YOU
2015-12-05 19:46:41 ----A---- C:\Windows\system32\msvcp70.dll
2015-12-05 19:46:40 ----A---- C:\Windows\system32\msxml3a.dll
2015-12-05 19:46:40 ----A---- C:\Windows\system32\mfc70.dll
2015-12-05 19:46:40 ----A---- C:\Windows\system32\GdiPlus.dll
2015-12-05 19:46:33 ----D---- C:\Program Files\Common Files\AVSMedia
2015-12-05 19:46:33 ----D---- C:\Program Files\AVS4YOU
======List of files/folders modified in the last 3 months======
2016-02-21 20:38:45 ----D---- C:\Windows\Prefetch
2016-02-21 20:38:34 ----D---- C:\Windows\Temp
2016-02-21 18:50:30 ----D---- C:\Windows\system32\config
2016-02-21 18:46:11 ----D---- C:\Windows\System32
2016-02-21 18:46:11 ----D---- C:\Windows\inf
2016-02-21 18:46:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-21 18:45:14 ----D---- C:\Users\doma\AppData\Roaming\Seznam.cz
2016-02-21 18:39:56 ----D---- C:\ProgramData\NVIDIA
2016-02-19 21:01:25 ----D---- C:\Windows\system32\catroot2
2016-02-19 21:01:10 ----RD---- C:\Program Files
2016-02-19 11:41:37 ----SHD---- C:\System Volume Information
2016-02-19 11:21:08 ----D---- C:\Windows\system32\Tasks
2016-02-19 11:21:08 ----D---- C:\Program Files\Opera
2016-02-15 04:10:14 ----D---- C:\Windows\system32\drivers
2016-02-15 04:10:12 ----HD---- C:\ProgramData
2016-02-15 04:10:12 ----D---- C:\Program Files\Common Files
2016-02-14 21:05:11 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2016-02-13 17:20:24 ----D---- C:\Windows\rescache
2016-02-13 10:48:56 ----D---- C:\Windows\Microsoft.NET
2016-02-13 10:47:11 ----RSD---- C:\Windows\assembly
2016-02-13 10:40:25 ----D---- C:\Windows\winsxs
2016-02-13 10:38:29 ----SD---- C:\Windows\system32\CompatTel
2016-02-13 10:38:28 ----D---- C:\Windows\system32\appraiser
2016-02-13 10:38:28 ----D---- C:\Windows\AppPatch
2016-02-13 10:38:27 ----D---- C:\Windows\system32\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Windows\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Windows
2016-02-13 10:38:27 ----D---- C:\Program Files\Windows Journal
2016-02-13 10:38:23 ----D---- C:\Windows\system32\en-US
2016-02-13 10:38:23 ----D---- C:\Program Files\Internet Explorer
2016-02-13 01:12:16 ----SHD---- C:\Windows\Installer
2016-02-13 01:11:50 ----D---- C:\Windows\system32\MRT
2016-02-13 01:08:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 19:34:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-02-05 17:23:49 ----D---- C:\Windows\Tasks
2016-01-16 09:12:25 ----D---- C:\Windows\system32\DriverStore
2015-12-28 11:07:23 ----D---- C:\Windows\system32\wdi
2015-12-19 00:30:57 ----SD---- C:\ProgramData\Microsoft
2015-12-19 00:29:40 ----SD---- C:\Windows\system32\GWX
2015-12-12 20:58:43 ----D---- C:\Program Files\Steam
2015-12-11 09:06:41 ----D---- C:\Windows\ehome
2015-12-11 09:06:36 ----RSD---- C:\Windows\Fonts
2015-12-09 04:39:28 ----N---- C:\Windows\system32\MpSigStub.exe
2015-11-22 09:34:36 ----D---- C:\ProgramData\NVIDIA Corporation
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 245096]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 95408]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-27 25016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2015-08-18 162592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2015-08-18 32912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 915600]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 22216]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1706128]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 670512]
R2 ssinstall;SInstalátor; C:\Windows\System32\ssins.exe [2015-12-05 2324216]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 284504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 102912]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu časté reklamy děkuji
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: prosím o kontrolu časté reklamy děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by doma at 2016-02-27 11:32:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 50 GB (17%) free of 296 GB
Total RAM: 3063 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:35, on 27.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\doma\Downloads\RSIT (1).exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 4317 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2585744]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 986872]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"cz.seznam.software.autoupdate"=C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-02-21 20:34:50 ----D---- C:\Users\doma\AppData\Roaming\Adobe
2016-02-15 04:07:02 ----D---- C:\AdwCleaner
2016-02-13 16:19:58 ----D---- C:\rsit
2016-02-13 16:19:58 ----D---- C:\Program Files\trend micro
2016-02-12 19:28:02 ----A---- C:\Windows\system32\appraiser.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\invagent.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\generaltel.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\devinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-12 19:28:01 ----A---- C:\Windows\system32\aeinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\acmigration.dll
2016-02-12 19:27:51 ----A---- C:\Windows\system32\ole32.dll
2016-02-12 19:27:28 ----A---- C:\Windows\system32\shell32.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\authui.dll
2016-02-12 19:27:27 ----A---- C:\Windows\explorer.exe
2016-02-12 19:27:11 ----A---- C:\Windows\system32\InkEd.dll
2016-02-12 19:27:10 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-12 19:27:09 ----A---- C:\Windows\system32\win32k.sys
2016-02-12 19:27:07 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-12 19:27:03 ----A---- C:\Windows\system32\ntdll.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\EncDec.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-12 19:27:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\msorcl32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\kernel32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\advapi32.dll
2016-02-12 19:27:00 ----A---- C:\Windows\system32\kerberos.dll
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\winsrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\conhost.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\wdigest.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\sspicli.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\srcore.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\smss.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\schannel.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\srclient.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\secur32.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\rstrui.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\lsass.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\credssp.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\auditpol.exe
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msobjs.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msaudite.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\adtschema.dll
2016-02-12 19:26:35 ----A---- C:\Windows\system32\urlmon.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieui.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieframe.dll
2016-02-12 19:26:33 ----A---- C:\Windows\system32\mshtml.dll
2016-02-12 19:26:32 ----A---- C:\Windows\system32\iertutil.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\occache.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iernonce.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-12 19:26:22 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\inseng.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\webcheck.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\msrating.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\iesetup.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\wininet.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-12 19:26:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-12 19:26:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-12 19:26:14 ----A---- C:\Windows\system32\jscript9.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\vbscript.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\jscript.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wucltux.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuapi.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups2.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wudriver.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuapp.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\WinSetupUI.dll
======List of files/folders modified in the last 1 month======
2016-02-27 11:32:35 ----D---- C:\Windows\Prefetch
2016-02-27 11:31:57 ----D---- C:\Windows\Temp
2016-02-27 10:37:35 ----D---- C:\Users\doma\AppData\Roaming\Seznam.cz
2016-02-27 10:36:54 ----D---- C:\Windows\System32
2016-02-27 10:36:54 ----D---- C:\Windows\inf
2016-02-27 10:36:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-27 10:35:37 ----D---- C:\Windows\system32\config
2016-02-27 10:32:22 ----D---- C:\ProgramData\NVIDIA
2016-02-27 03:04:14 ----D---- C:\Windows\system32\catroot
2016-02-27 03:01:21 ----D---- C:\Windows\winsxs
2016-02-27 03:01:18 ----SD---- C:\Windows\system32\GWX
2016-02-27 03:01:10 ----D---- C:\Windows
2016-02-27 03:01:07 ----SHD---- C:\Windows\Installer
2016-02-27 03:00:50 ----D---- C:\Windows\system32\drivers
2016-02-27 03:00:48 ----D---- C:\Program Files\Microsoft Security Client
2016-02-27 03:00:19 ----SHD---- C:\System Volume Information
2016-02-26 17:28:21 ----D---- C:\Windows\system32\Tasks
2016-02-26 17:28:21 ----D---- C:\Program Files\Opera
2016-02-19 21:01:25 ----D---- C:\Windows\system32\catroot2
2016-02-19 21:01:10 ----RD---- C:\Program Files
2016-02-15 04:10:12 ----HD---- C:\ProgramData
2016-02-15 04:10:12 ----D---- C:\Program Files\Common Files
2016-02-14 21:05:11 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2016-02-13 17:20:24 ----D---- C:\Windows\rescache
2016-02-13 10:48:56 ----D---- C:\Windows\Microsoft.NET
2016-02-13 10:47:11 ----RSD---- C:\Windows\assembly
2016-02-13 10:38:29 ----SD---- C:\Windows\system32\CompatTel
2016-02-13 10:38:28 ----D---- C:\Windows\system32\appraiser
2016-02-13 10:38:28 ----D---- C:\Windows\AppPatch
2016-02-13 10:38:27 ----D---- C:\Windows\system32\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Windows\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Program Files\Windows Journal
2016-02-13 10:38:23 ----D---- C:\Windows\system32\en-US
2016-02-13 10:38:23 ----D---- C:\Program Files\Internet Explorer
2016-02-13 01:11:50 ----D---- C:\Windows\system32\MRT
2016-02-13 01:08:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 19:34:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-02-05 17:23:49 ----D---- C:\Windows\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 253704]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-27 25016]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 104664]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2015-08-18 162592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2015-08-18 32912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 915600]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 22216]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1706128]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 670512]
R2 ssinstall;SInstalátor; C:\Windows\System32\ssins.exe [2015-12-05 2324216]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 292816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 102912]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by doma at 2016-02-27 11:32:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 50 GB (17%) free of 296 GB
Total RAM: 3063 MB (75% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:32:35, on 27.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\doma\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\doma\Downloads\RSIT (1).exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
--
End of file - 4317 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-18 2585744]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 986872]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 3576664]
"cz.seznam.software.autoupdate"=C:\Users\doma\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\doma\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-02-21 20:34:50 ----D---- C:\Users\doma\AppData\Roaming\Adobe
2016-02-15 04:07:02 ----D---- C:\AdwCleaner
2016-02-13 16:19:58 ----D---- C:\rsit
2016-02-13 16:19:58 ----D---- C:\Program Files\trend micro
2016-02-12 19:28:02 ----A---- C:\Windows\system32\appraiser.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\invagent.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\generaltel.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\devinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-02-12 19:28:01 ----A---- C:\Windows\system32\aeinv.dll
2016-02-12 19:28:01 ----A---- C:\Windows\system32\acmigration.dll
2016-02-12 19:27:51 ----A---- C:\Windows\system32\ole32.dll
2016-02-12 19:27:28 ----A---- C:\Windows\system32\shell32.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-02-12 19:27:27 ----A---- C:\Windows\system32\authui.dll
2016-02-12 19:27:27 ----A---- C:\Windows\explorer.exe
2016-02-12 19:27:11 ----A---- C:\Windows\system32\InkEd.dll
2016-02-12 19:27:10 ----A---- C:\Windows\system32\jnwmon.dll
2016-02-12 19:27:09 ----A---- C:\Windows\system32\win32k.sys
2016-02-12 19:27:07 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-02-12 19:27:03 ----A---- C:\Windows\system32\ntdll.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\EncDec.dll
2016-02-12 19:27:03 ----A---- C:\Windows\system32\CPFilters.dll
2016-02-12 19:27:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-02-12 19:27:01 ----A---- C:\Windows\system32\mtxoci.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\msorcl32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\KernelBase.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\kernel32.dll
2016-02-12 19:27:01 ----A---- C:\Windows\system32\advapi32.dll
2016-02-12 19:27:00 ----A---- C:\Windows\system32\kerberos.dll
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-02-12 19:26:59 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\winsrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\rpcrt4.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\lsasrv.dll
2016-02-12 19:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-02-12 19:26:58 ----A---- C:\Windows\system32\conhost.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\wdigest.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\TSpkg.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\sspicli.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\srcore.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\smss.exe
2016-02-12 19:26:57 ----A---- C:\Windows\system32\schannel.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\ncrypt.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\msv1_0.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-02-12 19:26:57 ----A---- C:\Windows\system32\csrsrv.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\cryptbase.dll
2016-02-12 19:26:57 ----A---- C:\Windows\system32\apisetschema.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-12 19:26:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\sspisrv.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\srclient.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\secur32.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\rstrui.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\lsass.exe
2016-02-12 19:26:56 ----A---- C:\Windows\system32\credssp.dll
2016-02-12 19:26:56 ----A---- C:\Windows\system32\auditpol.exe
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-12 19:26:55 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-12 19:26:54 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msobjs.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\msaudite.dll
2016-02-12 19:26:54 ----A---- C:\Windows\system32\adtschema.dll
2016-02-12 19:26:35 ----A---- C:\Windows\system32\urlmon.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieui.dll
2016-02-12 19:26:34 ----A---- C:\Windows\system32\ieframe.dll
2016-02-12 19:26:33 ----A---- C:\Windows\system32\mshtml.dll
2016-02-12 19:26:32 ----A---- C:\Windows\system32\iertutil.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-02-12 19:26:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\occache.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\jsproxy.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ieUnatt.exe
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iernonce.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-02-12 19:26:23 ----A---- C:\Windows\system32\ie4uinit.exe
2016-02-12 19:26:22 ----A---- C:\Windows\system32\msfeeds.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\jscript9diag.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\inseng.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\ieapfltr.dll
2016-02-12 19:26:22 ----A---- C:\Windows\system32\dxtmsft.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\webcheck.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\msrating.dll
2016-02-12 19:26:21 ----A---- C:\Windows\system32\iesetup.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\wininet.dll
2016-02-12 19:26:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-02-12 19:26:19 ----A---- C:\Windows\system32\dxtrans.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-02-12 19:26:17 ----A---- C:\Windows\system32\mshtmled.dll
2016-02-12 19:26:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-02-12 19:26:14 ----A---- C:\Windows\system32\jscript9.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\vbscript.dll
2016-02-12 19:26:13 ----A---- C:\Windows\system32\jscript.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuwebv.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wucltux.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuaueng.dll
2016-02-12 19:25:57 ----A---- C:\Windows\system32\wuapi.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups2.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wups.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wudriver.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuauclt.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wuapp.exe
2016-02-12 19:25:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-02-12 19:25:56 ----A---- C:\Windows\system32\WinSetupUI.dll
======List of files/folders modified in the last 1 month======
2016-02-27 11:32:35 ----D---- C:\Windows\Prefetch
2016-02-27 11:31:57 ----D---- C:\Windows\Temp
2016-02-27 10:37:35 ----D---- C:\Users\doma\AppData\Roaming\Seznam.cz
2016-02-27 10:36:54 ----D---- C:\Windows\System32
2016-02-27 10:36:54 ----D---- C:\Windows\inf
2016-02-27 10:36:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-27 10:35:37 ----D---- C:\Windows\system32\config
2016-02-27 10:32:22 ----D---- C:\ProgramData\NVIDIA
2016-02-27 03:04:14 ----D---- C:\Windows\system32\catroot
2016-02-27 03:01:21 ----D---- C:\Windows\winsxs
2016-02-27 03:01:18 ----SD---- C:\Windows\system32\GWX
2016-02-27 03:01:10 ----D---- C:\Windows
2016-02-27 03:01:07 ----SHD---- C:\Windows\Installer
2016-02-27 03:00:50 ----D---- C:\Windows\system32\drivers
2016-02-27 03:00:48 ----D---- C:\Program Files\Microsoft Security Client
2016-02-27 03:00:19 ----SHD---- C:\System Volume Information
2016-02-26 17:28:21 ----D---- C:\Windows\system32\Tasks
2016-02-26 17:28:21 ----D---- C:\Program Files\Opera
2016-02-19 21:01:25 ----D---- C:\Windows\system32\catroot2
2016-02-19 21:01:10 ----RD---- C:\Program Files
2016-02-15 04:10:12 ----HD---- C:\ProgramData
2016-02-15 04:10:12 ----D---- C:\Program Files\Common Files
2016-02-14 21:05:11 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2016-02-13 17:20:24 ----D---- C:\Windows\rescache
2016-02-13 10:48:56 ----D---- C:\Windows\Microsoft.NET
2016-02-13 10:47:11 ----RSD---- C:\Windows\assembly
2016-02-13 10:38:29 ----SD---- C:\Windows\system32\CompatTel
2016-02-13 10:38:28 ----D---- C:\Windows\system32\appraiser
2016-02-13 10:38:28 ----D---- C:\Windows\AppPatch
2016-02-13 10:38:27 ----D---- C:\Windows\system32\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Windows\cs-CZ
2016-02-13 10:38:27 ----D---- C:\Program Files\Windows Journal
2016-02-13 10:38:23 ----D---- C:\Windows\system32\en-US
2016-02-13 10:38:23 ----D---- C:\Program Files\Internet Explorer
2016-02-13 01:11:50 ----D---- C:\Windows\system32\MRT
2016-02-13 01:08:26 ----A---- C:\Windows\system32\MRT.exe
2016-02-09 19:34:17 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-02-05 17:23:49 ----D---- C:\Windows\Tasks
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 253704]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-10-27 25016]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 104664]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2015-08-18 162592]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2015-08-18 32912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 15872]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-18 915600]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 22216]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-18 1706128]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 670512]
R2 ssinstall;SInstalátor; C:\Windows\System32\ssins.exe [2015-12-05 2324216]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1034584]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 292816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-22 102912]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: prosím o kontrolu časté reklamy děkuji
Nějaká chybička se vloudila, OTM nemazal. Zkuste ještě jednou, ale v nouz. režimu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?