A preventive check again after a long while

Max_cz
Exemplary visitor
Posts: 191
Registered: 20 Dec 2005 22:14

A preventive check again after a long while

#1 Post by Max_cz »

Good evening,

after a long while, I am asking for a preventive check again...

Code:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Max_cz at 2015-03-01 18:52:35
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 12 GB (12%) free of 100 GB
Total RAM: 11877 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:52:40, on 1.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Max_cz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DBE2F43EE8D8F6F39A423576B63A7CDE] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA9323A2-DCEA-480D-BFDA-455AA9721669}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll  c:\windows\syswow64\guard32.dll ,C:\Windows\SysWOW64\nvinit.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {9793E2E9-7F06-4E43-8BF7-18CA2ECBF565} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11425 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-22dd9d2c-4ee0-49f9-8f35-1b8a32d5a9f2 -SystemEventPortName:HostProcess-4078955f-61e8-4da7-8497-05275048951c -IoCancelEventPortName:HostProcess-a9578a64-a40f-4dea-8375-2e603e7c689c -NonStateChangingEventPortName:HostProcess-e6158213-48e3-4b58-8ab3-57ecb97bd0af -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ef6343f3-f05c-4b42-a4bd-60a431dc503e -DeviceGroupId:
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe 33965536
\??\C:\Windows\system32\conhost.exe "895323296-1354981625418054679-654507271-1563226157-1856965967-1938875565-2020024173
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe" 
taskeng.exe {CA5950F5-8B23-4C13-B7A9-430A4972E2CA}
"C:\Windows\System32\igfxpers.exe" 
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"\Program Files\Synaptics\SynTP\SynTPEnh.exe" 
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" 
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe" 
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe" 
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" 
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" 
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2812.0.685673740\1507829571" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials=ChromeSuggestions/Default/DomRel-Enable/enable/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.1.198049622\2031634152" /prefetch:673131151
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.3.1474745908\90207746" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.4.1045860410\415806685" /prefetch:673131151
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss bea3cee7-10f4-4941-81f6-696a162be303 1
\??\C:\Windows\system32\conhost.exe "-82659178878786226876039386-115275391612896119881097115712-2106414327196500444
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-501737738-11096556191268743153-125551955981367646415445059637382005581142561988
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
WLIDSvcM.exe 5116
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ee988295-8fb3-45ca-93df-7db07f6e8faf -SystemEventPortName:HostProcess-3274d137-1edc-4eda-a007-b51b60d6b91d -IoCancelEventPortName:HostProcess-1e32f2ee-a234-4f6e-b8c1-5058832c90f0 -NonStateChangingEventPortName:HostProcess-8bcdab42-a06f-4d91-ad84-e4ac9ab1708a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:825923b8-a5bd-4abf-a51d-804ec0aacec5 -DeviceGroupId:WpdFsGroup
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE" 
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe" --shortcut
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.729.772061928\1718030092" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.731.7448520\138869651" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\Windows\system32\SearchFilterHost.exe" 0 828 832 840 65536 836 
"C:\Users\Max_cz\Downloads\RSITx64.exe" 
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Thank you

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: A preventive check again after a long while

#2 Post by Rudy »

Hello!
The log is not complete.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Max_cz
Exemplary visitor
Posts: 191
Registered: 20 Dec 2005 22:14

Re: A preventive check again after a long while

#3 Post by Max_cz »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Max_cz at 2015-03-01 18:52:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 12 GB (12%) free of 100 GB
Total RAM: 11877 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:52:40, on 1.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
C:\Program Files\TrueCrypt\TrueCrypt.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Max_cz.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [RotateImage] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKCU\..\Run: [TrueCrypt] "C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DBE2F43EE8D8F6F39A423576B63A7CDE] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA9323A2-DCEA-480D-BFDA-455AA9721669}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E70F5B1-C164-4E3A-B6BF-D59CFFCC0AFF}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll c:\windows\syswow64\guard32.dll ,C:\Windows\SysWOW64\nvinit.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {9793E2E9-7F06-4E43-8BF7-18CA2ECBF565} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Virtual Camera Controller (LENOVO.TVTVCAM) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11425 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-22dd9d2c-4ee0-49f9-8f35-1b8a32d5a9f2 -SystemEventPortName:HostProcess-4078955f-61e8-4da7-8497-05275048951c -IoCancelEventPortName:HostProcess-a9578a64-a40f-4dea-8375-2e603e7c689c -NonStateChangingEventPortName:HostProcess-e6158213-48e3-4b58-8ab3-57ecb97bd0af -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ef6343f3-f05c-4b42-a4bd-60a431dc503e -DeviceGroupId:
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\WLANExt.exe 33965536
\??\C:\Windows\system32\conhost.exe "895323296-1354981625418054679-654507271-1563226157-1856965967-1938875565-2020024173
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\System32\hkcmd.exe"
taskeng.exe {CA5950F5-8B23-4C13-B7A9-430A4972E2CA}
"C:\Windows\System32\igfxpers.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Windows\SysWOW64\rundll32.exe" C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe"
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /q preferences /a logon
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2812.0.685673740\1507829571" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials=ChromeSuggestions/Default/DomRel-Enable/enable/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.1.198049622\2031634152" /prefetch:673131151
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.3.1474745908\90207746" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.4.1045860410\415806685" /prefetch:673131151
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss bea3cee7-10f4-4941-81f6-696a162be303 1
\??\C:\Windows\system32\conhost.exe "-82659178878786226876039386-115275391612896119881097115712-2106414327196500444
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-501737738-11096556191268743153-125551955981367646415445059637382005581142561988
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlkd.exe
C:\PROGRA~1\LENOVO\HOTKEY\tpnumlk.exe
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
WLIDSvcM.exe 5116
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ee988295-8fb3-45ca-93df-7db07f6e8faf -SystemEventPortName:HostProcess-3274d137-1edc-4eda-a007-b51b60d6b91d -IoCancelEventPortName:HostProcess-1e32f2ee-a234-4f6e-b8c1-5058832c90f0 -NonStateChangingEventPortName:HostProcess-8bcdab42-a06f-4d91-ad84-e4ac9ab1708a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:825923b8-a5bd-4abf-a51d-804ec0aacec5 -DeviceGroupId:WpdFsGroup
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe" --shortcut
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\rundll32.exe "C:\Program Files\LENOVO\HOTKEY\hotkey.dll",InstallAudioHotkeyHook
C:\PROGRA~1\Lenovo\HOTKEY\MKRMSG.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.MediaKey
C:\PROGRA~1\Lenovo\HOTKEY\TPONSCR.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.OnScreenDisplay
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE /UEFI\\.\pipe\{C6A9690C-33AE-4a55-8B65-9498CC0A7B34}.ShortcutKey
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe"
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.729.772061928\1718030092" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/NewSuggestType_A3_Stable_R1/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_29/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="2812.731.7448520\138869651" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 828 832 840 65536 836
"C:\Users\Max_cz\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

Re: Preventive check again after a long time

#4 Post by Max_cz »

I don't know why, but it simply won't let me paste the rest here....

Re: Preventive check again after a long time

#5 Post by Max_cz »

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2015-01-30 1332296]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-02-05 1297624]
"Cm106Sound"=C:\Windows\syswow64\RunDll32.exe [2009-07-14 44544]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-12-13 2824504]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-12-13 2531472]
"LENOVO.TPKNRRES"=C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2014-06-20 295712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TrueCrypt"=C:\Program Files\TrueCrypt\TrueCrypt.exe [2014-03-15 1516496]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-01-28 23308256]
"GoogleChromeAutoLaunch_DBE2F43EE8D8F6F39A423576B63A7CDE"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-02-20 843592]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-31 7404312]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RotateImage"=C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-30 55808]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-04-13 291608]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2014-11-14 5562736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Virtual Storage Mount Notification - {9793E2E9-7F06-4E43-8BF7-18CA2ECBF565}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\SysWOW64\msiexec.exe"="C:\Windows\SysWOW64\msiexec.exe:*:Generic Host Process"
"C:\Windows\SysWOW64\svchost.exe"="C:\Windows\SysWOW64\svchost.exe:*:Generic Host Process"
"C:\Users\Max_cz\AppData\Roaming\ZQPV2L7C2K.exe"="C:\Users\Max_cz\AppData\Roaming\ZQPV2L7C2K.exe:*:Enabled:Windows Messanger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2015-03-01 18:52:35 ----D---- C:\rsit
2015-03-01 10:08:30 ----D---- C:\ProgramData\McAfee
2015-03-01 10:08:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-03-01 10:04:17 ----D---- C:\Windows\system32\Macromed
2015-02-26 20:35:31 ----D---- C:\Windows\tiinst
2015-02-26 20:34:46 ----D---- C:\Windows\Windows
2015-02-26 20:34:46 ----D---- C:\Windows\TUSB
2015-02-26 20:34:45 ----D---- C:\Program Files (x86)\LG Electronics Inc
2015-02-22 10:20:31 ----D---- C:\Windows\SYSWOW64\NV
2015-02-22 10:20:31 ----D---- C:\Windows\system32\NV
2015-02-22 10:17:20 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-02-22 10:17:20 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-02-22 10:17:20 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-02-22 10:17:20 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-02-22 10:17:20 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-02-22 10:17:20 ----A---- C:\Windows\system32\nvopencl.dll
2015-02-22 10:17:20 ----A---- C:\Windows\system32\nvoglv64.dll
2015-02-22 10:17:20 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-02-22 10:17:20 ----A---- C:\Windows\system32\drivers\nvpciflt.sys
2015-02-22 10:17:20 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-02-22 10:17:19 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-02-22 10:17:19 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-02-22 10:17:19 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-02-22 10:17:19 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-02-22 10:17:19 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-02-22 10:17:19 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-02-22 10:17:19 ----A---- C:\Windows\system32\NvIFR64.dll
2015-02-22 10:17:19 ----A---- C:\Windows\system32\NvFBC64.dll
2015-02-22 10:17:19 ----A---- C:\Windows\system32\nvdispgenco6434752.dll
2015-02-22 10:17:19 ----A---- C:\Windows\system32\nvdispco6434752.dll
2015-02-22 10:17:19 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-02-22 10:17:19 ----A---- C:\Windows\system32\nvcuvid.dll
2015-02-22 10:17:19 ----A---- C:\Windows\system32\nvcuda.dll
2015-02-22 10:17:19 ----A---- C:\Windows\system32\nvcompiler.dll
2015-02-18 16:52:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-02-18 16:52:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-18 16:52:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-02-18 16:52:15 ----A---- C:\Windows\system32\jscript9.dll
2015-02-17 17:32:16 ----A---- C:\Windows\system32\powertracker.dll
2015-02-17 17:32:16 ----A---- C:\Windows\system32\perftrack.dll
2015-02-17 17:32:15 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-02-17 17:32:15 ----A---- C:\Windows\system32\wdi.dll
2015-02-11 12:16:48 ----A---- C:\Windows\system32\invagent.dll
2015-02-11 12:16:48 ----A---- C:\Windows\system32\generaltel.dll
2015-02-11 12:16:48 ----A---- C:\Windows\system32\devinv.dll
2015-02-11 12:16:48 ----A---- C:\Windows\system32\appraiser.dll
2015-02-11 12:16:48 ----A---- C:\Windows\system32\aeinv.dll
2015-02-11 12:16:47 ----A---- C:\Windows\system32\aitstatic.exe
2015-02-11 12:16:47 ----A---- C:\Windows\system32\aepic.dll
2015-02-11 12:16:47 ----A---- C:\Windows\system32\aepdu.dll
2015-02-11 12:16:42 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 12:16:42 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-02-11 12:16:42 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 12:16:42 ----A---- C:\Windows\system32\kerberos.dll
2015-02-11 12:16:41 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-02-11 12:16:41 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-02-11 12:16:41 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-02-11 12:16:41 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-02-11 12:16:41 ----A---- C:\Windows\system32\wdigest.dll
2015-02-11 12:16:41 ----A---- C:\Windows\system32\TSpkg.dll
2015-02-11 12:16:41 ----A---- C:\Windows\system32\ncrypt.dll
2015-02-11 12:16:41 ----A---- C:\Windows\system32\msv1_0.dll
2015-02-11 12:16:40 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-02-11 12:16:40 ----A---- C:\Windows\system32\credssp.dll
2015-02-11 12:16:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-02-11 12:16:30 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-02-11 12:16:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-02-11 12:16:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-02-11 12:16:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-02-11 12:16:29 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 12:16:29 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 12:16:29 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-02-11 12:16:29 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 12:16:29 ----A---- C:\Windows\system32\iernonce.dll
2015-02-11 12:16:29 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 12:16:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 12:16:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 12:16:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-02-11 12:16:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 12:16:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-02-11 12:16:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 12:16:26 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-02-11 12:16:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 12:16:26 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 12:16:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 12:16:26 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 12:16:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-02-11 12:16:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-02-11 12:16:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 12:16:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 12:16:25 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 12:16:25 ----A---- C:\Windows\system32\dxtrans.dll
2015-02-11 12:16:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 12:16:24 ----A---- C:\Windows\system32\iesetup.dll
2015-02-11 12:16:23 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 12:16:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-02-11 12:16:22 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 12:16:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 12:16:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 12:16:21 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-02-11 12:16:21 ----A---- C:\Windows\system32\jsproxy.dll
2015-02-11 12:16:21 ----A---- C:\Windows\system32\ieUnatt.exe
2015-02-11 12:16:20 ----A---- C:\Windows\system32\ieui.dll
2015-02-11 12:16:20 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 12:16:20 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 12:16:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-02-11 12:16:19 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 12:16:18 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 12:16:17 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 12:16:16 ----A---- C:\Windows\system32\msrating.dll
2015-02-11 12:16:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 12:16:15 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 12:16:04 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 12:16:04 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 12:15:53 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 12:15:53 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 12:15:52 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 12:15:52 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 12:15:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-02-11 12:15:51 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-02-11 12:15:51 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-02-11 12:15:51 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-02-11 12:15:51 ----A---- C:\Windows\system32\sspisrv.dll
2015-02-11 12:15:51 ----A---- C:\Windows\system32\sspicli.dll
2015-02-11 12:15:51 ----A---- C:\Windows\system32\secur32.dll
2015-02-11 12:15:51 ----A---- C:\Windows\system32\msobjs.dll
2015-02-11 12:15:51 ----A---- C:\Windows\system32\lsass.exe
2015-02-11 12:15:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 12:15:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-02-11 12:15:51 ----A---- C:\Windows\system32\auditpol.exe
2015-02-11 12:15:50 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 12:15:50 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 12:15:38 ----A---- C:\Windows\system32\crypt32.dll
2015-02-11 12:15:37 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-02-11 12:15:31 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 12:15:31 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 12:14:45 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 12:14:43 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-02-11 12:14:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-02-11 12:14:40 ----A---- C:\Windows\system32\srcore.dll
2015-02-11 12:14:40 ----A---- C:\Windows\system32\rstrui.exe
2015-02-11 12:14:39 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-02-11 12:14:39 ----A---- C:\Windows\system32\srclient.dll
2015-02-11 12:14:29 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 12:14:29 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 12:14:28 ----A---- C:\Windows\system32\win32k.sys
2015-02-02 16:51:22 ----A---- C:\Windows\SYSWOW64\drivers\synUSB64.sys
2015-02-02 16:51:17 ----A---- C:\Windows\SYSWOW64\Synsopos.exe
2015-02-02 16:51:14 ----A---- C:\Windows\SYSWOW64\SynsoLChk.dll
2015-02-02 16:51:13 ----A---- C:\Windows\SYSWOW64\SYNSOACC.dll
2015-02-02 16:51:12 ----D---- C:\Program Files (x86)\Syncrosoft
2015-02-02 16:51:07 ----D---- C:\Users\Max_cz\AppData\Roaming\pdfMachine
2015-02-02 16:50:44 ----A---- C:\Windows\SYSWOW64\FeMakro.ini
2015-02-02 16:50:44 ----A---- C:\Windows\SYSWOW64\FeAnim.ini
2015-02-02 16:50:34 ----A---- C:\Windows\SYSWOW64\mfc42loc.dll
2015-02-02 16:48:15 ----D---- C:\Program Files (x86)\Eleco
2015-02-02 16:48:05 ----D---- C:\Program Files (x86)\directx

======List of files/folders modified in the last 1 month======

2015-03-01 18:52:40 ----D---- C:\Windows\Prefetch
2015-03-01 18:52:38 ----D---- C:\Windows\Temp
2015-03-01 18:52:38 ----D---- C:\Program Files\trend micro
2015-03-01 18:46:09 ----D---- C:\Users\Max_cz\AppData\Roaming\uTorrent
2015-03-01 16:12:39 ----D---- C:\Windows\System32
2015-03-01 16:12:38 ----D---- C:\Windows\SysWOW64
2015-03-01 15:02:38 ----SHD---- C:\System Volume Information
2015-03-01 14:09:13 ----SHD---- C:\Windows\Installer
2015-03-01 14:09:05 ----RSD---- C:\Windows\assembly
2015-03-01 14:00:52 ----D---- C:\Windows\system32\config
2015-03-01 13:35:09 ----RD---- C:\Program Files (x86)
2015-03-01 13:35:09 ----AD---- C:\Windows
2015-03-01 13:23:57 ----RSD---- C:\Windows\Fonts
2015-03-01 13:09:45 ----D---- C:\Program Files (x86)\LibreOffice 4
2015-03-01 13:00:44 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-03-01 11:59:28 ----D---- C:\Program Files (x86)\Adobe
2015-03-01 11:59:27 ----D---- C:\Program Files\Adobe
2015-03-01 11:59:11 ----D---- C:\ProgramData\Adobe
2015-03-01 11:58:36 ----D---- C:\Users\Max_cz\AppData\Roaming\Adobe
2015-03-01 11:56:15 ----D---- C:\Program Files\Common Files\Adobe
2015-03-01 11:34:09 ----HD---- C:\ProgramData
2015-02-28 14:33:21 ----D---- C:\Windows\inf
2015-02-28 14:06:10 ----D---- C:\Users\Max_cz\AppData\Roaming\DAEMON Tools Lite
2015-02-28 14:05:46 ----D---- C:\Windows\debug
2015-02-27 21:32:00 ----D---- C:\Program Files (x86)\The KMPlayer
2015-02-26 20:36:02 ----D---- C:\Windows\system32\DriverStore
2015-02-26 03:02:41 ----D---- C:\Windows\winsxs
2015-02-25 22:06:15 ----D---- C:\Users\Max_cz\AppData\Roaming\Skype
2015-02-22 10:20:27 ----D---- C:\ProgramData\NVIDIA
2015-02-22 10:19:55 ----A---- C:\Windows\system32\nvvsvc.exe
2015-02-22 10:18:56 ----D---- C:\Windows\system32\drivers
2015-02-22 10:18:18 ----A---- C:\Windows\system32\nvapi64.dll
2015-02-22 10:18:17 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-02-22 10:18:15 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-02-22 10:18:12 ----A---- C:\Windows\system32\nvinitx.dll
2015-02-22 10:18:11 ----A---- C:\Windows\system32\OpenCL.dll
2015-02-22 10:18:10 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-02-22 10:18:10 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-02-22 10:18:08 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-02-20 07:09:27 ----D---- C:\Windows\rescache
2015-02-20 03:16:44 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-20 03:16:44 ----D---- C:\Windows\system32\en-US
2015-02-20 03:16:42 ----D---- C:\Windows\tracing
2015-02-17 18:05:42 ----D---- C:\Windows\system32\catroot
2015-02-17 18:05:13 ----SD---- C:\Windows\system32\CompatTel
2015-02-17 18:05:13 ----D---- C:\Windows\system32\appraiser
2015-02-17 18:05:12 ----D---- C:\Windows\system32\cs-CZ
2015-02-17 18:05:11 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-17 18:05:11 ----D---- C:\Program Files\Internet Explorer
2015-02-17 18:05:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-02-17 17:43:15 ----D---- C:\Program Files\Microsoft Security Client
2015-02-17 17:43:13 ----D---- C:\Program Files (x86)\Microsoft Security Client
2015-02-17 17:42:08 ----D---- C:\Windows\system32\MRT
2015-02-17 06:23:04 ----A---- C:\Windows\system32\MRT.exe
2015-02-16 20:28:38 ----SD---- C:\Users\Max_cz\AppData\Roaming\Microsoft
2015-02-15 20:36:20 ----RD---- C:\Program Files
2015-02-11 12:14:05 ----D---- C:\Windows\system32\catroot2
2015-02-09 21:01:17 ----D---- C:\Program Files (x86)\BlazeVideo
2015-02-09 21:01:14 ----D---- C:\ProgramData\BlazeVideo
2015-02-09 20:58:43 ----D---- C:\Windows\pss
2015-02-07 10:55:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-05 20:07:04 ----A---- C:\Windows\system32\nvcpl.dll
2015-02-05 20:07:03 ----A---- C:\Windows\system32\nvsvc64.dll
2015-02-05 20:07:00 ----A---- C:\Windows\SYSWOW64\oemdspif.dll
2015-02-05 20:07:00 ----A---- C:\Windows\system32\nvsvcr.dll
2015-02-05 20:07:00 ----A---- C:\Windows\system32\nvshext.dll
2015-02-05 20:06:59 ----A---- C:\Windows\system32\nvmctray.dll
2015-02-05 20:06:59 ----A---- C:\Windows\system32\nv3dappshextr.dll
2015-02-05 20:06:59 ----A---- C:\Windows\system32\nv3dappshext.dll
2015-02-05 18:29:22 ----D---- C:\Windows\Tasks
2015-02-02 16:51:22 ----D---- C:\Windows\SYSWOW64\drivers

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-04-13 19224]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-02-17 274696]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-02-22 31376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2014-03-15 231376]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-01-30 20184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2015-01-30 792648]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-01-30 45880]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-01-30 104608]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-02-17 124560]
R3 5U877;5U877; C:\Windows\system32\DRIVERS\5U877.sys [2012-03-28 216704]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-09-19 283064]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2013-09-05 54528]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2015-01-22 17920]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-04-13 356632]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-04-13 789272]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2012-02-20 11471872]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-12-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-27 259688]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-04-10 849992]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-03-18 33008]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-02-13 14464]
R3 WinUsb;Ovladač WinUsb; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;Podpora skenování WSD přes UMB; C:\Windows\system32\drivers\WSDScan.sys [2009-07-14 25088]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2012-01-09 195584]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 IT9135BDA;IT9135 BDA Devices; C:\Windows\System32\Drivers\IT9135BDA.sys [2010-02-03 113280]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBMULCD;USB Multi-Channel Audio Device Interface; C:\Windows\system32\drivers\CM10664.sys [2011-06-27 1310720]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-02-05 7618952]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2012-02-26 626960]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-12-13 1148560]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2013-09-05 66344]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2014-06-20 59168]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2012-08-25 127072]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2014-06-20 72992]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-01-30 23784]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-12-13 1701520]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-12-13 19823248]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-22 935056]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2012-02-26 148752]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-05-15 125432]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2012-12-05 125504]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2014-12-02 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-11-14 296312]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-02-05 2265304]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-01-30 366512]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-01-21 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-01-21 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 116648]
S2 LENOVO.TVTVCAM;Lenovo Virtual Camera Controller; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [2014-06-20 197408]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2014-02-07 5093216]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-01-21 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-27 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-11 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-11 114288]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-02-26 273168]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-01-21 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-01-21 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-01-21 139944]
S4 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\KMPService.exe [2013-07-08 1922600]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Another preventive check after a long while

#6 Post by Rudy »

The log looks OK.

Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Max_cz
Model visitor
Posts: 191
Registered: 20 Dec 2005 22:14

Re: Another preventive check after a long while

#7 Post by Max_cz »

OK, thanks for the quick response...

I was just looking through the log again and noticed that under

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

some "paths" disappear and get overwritten with those very long strings of letters and digits...

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Another preventive check after a long while

#8 Post by Rudy »

That should be fine. It's a system feature.