Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu RSIT

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Kontrola logu RSIT

#1 Příspěvek od INCVBVS »

Ahoj,

v poslední době mi Avira začla několikrát denně vyhazovat varovnou hlášku, že zablokovala přístup k registrům a že doporučuje scan. Scan jsem provedl tak 3x a je to pořád stejný. K tomu mě spousta stránek začla vyzývat k tomu, abych se ověřil, zda nejsem robot (CAPTCHA). Přikládám tedy RSIT log a prosím o kontrolu.

Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2015-04-18 13:22:59
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 100 GB (11%) free of 939 GB
Total RAM: 8094 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:23:07, on 18.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\LockKey\LockKey.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Tom\Downloads\JavaSetup8u45.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tom.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [LockKey] C:\Program Files (x86)\LockKey\LockKey.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Lenovo Registration] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
O4 - HKLM\..\Run: [Intelligent Touchpad] C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Iconoid] "C:\Program Files\Iconoid\iconoid64.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: ABBYY FineReader 11 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.11.0) - ABBYY - C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptSvc.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disconnect Desktop Updater - Disconnect - C:\Program Files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE
O23 - Service: Fast boot service of lenovo (NSDSvc) - Unknown owner - C:\Windows\System32\NSDSvc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\Disconnect\Disconnect Desktop\openvpn\bin\openvpnserv.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - PowerUp Software, LLC - C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WDDMService - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD File Management Engine (WDFME) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
O23 - Service: WD File Management Shadow Engine (WDSC) - Unknown owner - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 17621 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 33065472
\??\C:\Windows\system32\conhost.exe "-442119581385788699-3598605061720926926408006486-905437870-6748991681350213638
taskeng.exe {7BF7B743-599F-4F5F-9500-A416E2C33918}
"C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
"C:\ProgramData\DatacardService\HWDeviceService64.exe" -/service
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "-1145423752-15019209311545919125-723895941-5971890011671049081-109707708761463966
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\alg.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000003fc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 8268004a-dcaa-4b30-b380-3e33389504fd 1
\??\C:\Windows\system32\conhost.exe "-1187786585-1838133393-159157203-1986920936147308581891284274-1960105928-2069462997
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-753005657402400354-179526433211802607931874426634-1675421321371885373-1810558352
taskeng.exe {3505DDD3-E4C3-465F-BE08-058C55FED2DD}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\ProgramData\DatacardService\DCSHelper.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\LockKey\LockKey.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Windows\system32\igfxtray.exe"
"C:\Windows\system32\hkcmd.exe"
"C:\Windows\system32\igfxpers.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 6744
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Iconoid\iconoid64.exe"
C:\ProgramData\FLEXnet\Connect\11\\agent.exe -Embedding
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -Embedding
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Windows\SYSTEM32\WISPTIS.EXE" /ManualLaunch;
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\Lenovo\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6892.0.1211694847\509810959" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2867 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.1.854973153\2024688702" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.2.1266346483\914145658" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.3.1271409130\709760249" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.4.673938441\1982148495" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.5.309544114\1117155206" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.6.1397435424\2115124982" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.9.360867655\1331772444" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6892.15.159701973\1192636356" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.16.699157389\1221348065" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.18.2100551795\895760313" /prefetch:673131151
"C:\Users\Tom\Downloads\JavaSetup8u45.exe"
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.22.818888673\1175882559" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.27.467480878\1949171076" /prefetch:673131151
taskeng.exe {E9DB0BA1-A501-4A9D-B4D9-602B2BC083BD}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/StandardR4/*PasswordGeneration/Disabled/*PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Disabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/*SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_96/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=6892 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="6892.31.955974674\1013085465" /prefetch:673131151

"C:\Users\Tom\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 836 840 848 65536 844


======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001Core.job - C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001UA.job - C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-04-08 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-08 886488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-08 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-04-08 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-08 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-12-16 2866960]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2011-12-16 410896]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-12-27 12343400]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-11-15 1156712]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-08-12 789856]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-08-12 8079408]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-08-12 6202416]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-02-10 1297624]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-10 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-10 399392]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-10 441888]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-25 2403104]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-07-25 1283136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Iconoid"=C:\Program Files\Iconoid\iconoid64.exe [2010-08-21 313344]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2011-10-13 2068856]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-11-20 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AirVideoServer]
C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApplePhotoStreams]
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2013-11-20 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2011-08-18 925960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify]
C:\Program Files (x86)\Connectify\Connectify.exe [2013-01-24 4175648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DNS7reminder]
C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe -r C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-18 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2013-11-20 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-09-01 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11 30877280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Tom\AppData\Roaming\Spotify\Spotify.exe [2014-06-25 6180920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Tom\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-06-25 1176632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2013-02-15 1597864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-08-12 329056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk]
C:\PROGRA~1\WESTER~1\WDSMAR~1\WDDRIV~1\WDDMST~1.EXE [2011-03-09 4236288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-21 291648]
"LockKey"=C:\Program Files (x86)\LockKey\LockKey.exe [2011-08-26 337776]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-30 284440]
"Lenovo Registration"=C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2012-01-26 4351712]
"Intelligent Touchpad"=C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [2011-12-08 291272]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-04-01 726320]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-09-01 152392]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-10 441856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux2"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-04-18 13:22:59 ----D---- C:\rsit
2015-04-18 13:22:59 ----D---- C:\Program Files\trend micro
2015-04-18 13:11:45 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2015-04-17 12:05:47 ----A---- C:\ComboFix.txt
2015-04-17 12:00:06 ----D---- C:\$RECYCLE.BIN
2015-04-17 11:36:46 ----A---- C:\Windows\zip.exe
2015-04-17 11:36:46 ----A---- C:\Windows\SWSC.exe
2015-04-17 11:36:46 ----A---- C:\Windows\SWREG.exe
2015-04-17 11:36:46 ----A---- C:\Windows\sed.exe
2015-04-17 11:36:46 ----A---- C:\Windows\PEV.exe
2015-04-17 11:36:46 ----A---- C:\Windows\NIRCMD.exe
2015-04-17 11:36:46 ----A---- C:\Windows\MBR.exe
2015-04-17 11:36:46 ----A---- C:\Windows\grep.exe
2015-04-17 11:34:56 ----D---- C:\Qoobox
2015-04-17 11:31:36 ----D---- C:\Windows\erdnt
2015-04-16 22:29:44 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-04-16 22:29:42 ----D---- C:\ProgramData\RogueKiller
2015-04-16 22:23:02 ----D---- C:\AdwCleaner
2015-04-16 22:12:25 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-04-16 21:52:30 ----A---- C:\Windows\tweaking.com-regbackup-TOM-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-16 21:52:27 ----D---- C:\RegBackup
2015-04-16 16:19:54 ----RAD---- C:\Program Files (x86)\Watch_Dogs
2015-04-16 09:56:28 ----D---- C:\ProgramData\Caphyon
2015-04-16 09:55:14 ----D---- C:\Program Files\TAP-Windows
2015-04-16 09:54:52 ----D---- C:\Users\Tom\AppData\Roaming\Mozilla
2015-04-16 09:54:51 ----D---- C:\Program Files (x86)\Disconnect
2015-04-16 09:54:15 ----D---- C:\Users\Tom\AppData\Roaming\Disconnect
2015-04-15 07:57:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 07:57:44 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 07:57:44 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 07:57:44 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 07:57:44 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 07:57:44 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 07:57:43 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 07:57:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 07:57:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 07:57:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 07:57:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 07:57:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 07:57:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 07:57:43 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 07:57:43 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 07:57:42 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 07:57:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 07:57:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 07:57:42 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 07:57:42 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 07:57:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 07:57:41 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 07:57:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 07:57:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 07:57:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 07:57:41 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 07:57:41 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 07:57:41 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 07:57:41 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 07:57:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 07:57:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 07:57:41 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 07:57:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 07:57:40 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 07:57:40 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 07:57:40 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 07:57:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 07:57:39 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 07:57:39 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 07:57:39 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 07:57:39 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 07:57:39 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 07:57:39 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 07:57:38 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 07:57:38 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 07:57:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 07:57:38 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 07:57:38 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 07:57:38 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 07:57:37 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 07:57:37 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 07:57:37 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 07:55:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 07:55:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 07:55:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 07:55:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 07:55:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 07:55:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 07:55:57 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 07:55:57 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 07:55:56 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 07:55:56 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 07:55:56 ----A---- C:\Windows\system32\wups.dll
2015-04-15 07:55:56 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 07:55:56 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 07:55:56 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 07:55:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 07:55:56 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 07:55:27 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 07:55:27 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 07:55:27 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 07:55:27 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 07:55:27 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 07:55:27 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 07:55:27 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 07:55:27 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 07:53:25 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 07:53:25 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 07:53:25 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 07:53:25 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 07:53:25 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 07:53:25 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 07:53:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 07:53:13 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 07:53:12 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 07:53:12 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 07:53:12 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 07:53:11 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 07:53:10 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 07:53:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 07:53:10 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 07:53:10 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 07:53:09 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 07:53:09 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 07:53:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 07:53:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 07:53:09 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 07:53:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 07:53:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 07:53:09 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 07:53:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 07:53:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 07:53:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 07:53:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 07:53:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 07:53:08 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 07:53:08 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 07:53:08 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 07:53:08 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 07:53:08 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 07:53:08 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 07:53:08 ----A---- C:\Windows\system32\smss.exe
2015-04-15 07:53:08 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 07:53:08 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 07:53:08 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 07:53:08 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 07:53:08 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 07:53:08 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:53:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 07:53:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 07:53:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 07:53:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 07:53:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 07:53:05 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 07:53:05 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 07:53:05 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 07:53:05 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 07:53:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 07:53:04 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 07:53:04 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 07:53:04 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 07:53:04 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 07:53:04 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 07:52:34 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 07:47:30 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 07:47:30 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 07:47:30 ----A---- C:\Windows\system32\clfs.sys
2015-04-06 13:54:19 ----D---- C:\ProgramData\Screaming Bee
2015-04-06 13:53:39 ----D---- C:\Users\Tom\AppData\Roaming\Screaming Bee
2015-04-05 01:14:17 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-05 01:14:17 ----SD---- C:\Windows\system32\GWX
2015-03-24 19:16:02 ----D---- C:\Windows\SYSWOW64\aspi
2015-03-24 19:16:02 ----A---- C:\Windows\SYSWOW64\imsfchk.dll

======List of files/folders modified in the last 1 month======

2015-04-18 13:23:07 ----D---- C:\Windows\Temp
2015-04-18 13:22:59 ----RD---- C:\Program Files
2015-04-18 13:17:15 ----SHD---- C:\Windows\Installer
2015-04-18 13:17:15 ----D---- C:\Config.Msi
2015-04-18 13:17:04 ----D---- C:\Windows\SysWOW64
2015-04-18 13:16:05 ----D---- C:\Program Files (x86)\Common Files
2015-04-18 13:15:19 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-04-18 13:15:19 ----A---- C:\Windows\SYSWOW64\javaws.exe
2015-04-18 13:15:19 ----A---- C:\Windows\SYSWOW64\javaw.exe
2015-04-18 13:15:19 ----A---- C:\Windows\SYSWOW64\java.exe
2015-04-18 13:15:06 ----D---- C:\ProgramData\Oracle
2015-04-18 13:15:01 ----D---- C:\Program Files (x86)\Java
2015-04-18 13:11:45 ----D---- C:\Program Files (x86)
2015-04-18 13:11:36 ----SHD---- C:\System Volume Information
2015-04-18 12:43:28 ----D---- C:\Windows\system32\config
2015-04-18 12:37:33 ----D---- C:\Windows\inf
2015-04-18 12:37:33 ----AD---- C:\Windows\System32
2015-04-18 12:37:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-18 12:35:25 ----A---- C:\Windows\SYSWOW64\log.txt
2015-04-18 12:35:21 ----D---- C:\Windows\system32\Tasks
2015-04-18 12:33:54 ----D---- C:\Windows\tracing
2015-04-18 12:33:38 ----A---- C:\Windows\SYSWOW64\zlib.dll
2015-04-17 12:05:56 ----D---- C:\Windows\system32\drivers
2015-04-17 12:00:32 ----AD---- C:\Windows
2015-04-17 12:00:32 ----A---- C:\Windows\system.ini
2015-04-17 11:59:51 ----D---- C:\Windows\system32\drivers\etc
2015-04-17 11:56:31 ----D---- C:\ProgramData
2015-04-17 11:45:20 ----D---- C:\Windows\SYSWOW64\drivers
2015-04-17 11:45:20 ----D---- C:\Windows\AppPatch
2015-04-17 11:31:27 ----A---- C:\Windows\SWXCACLS.exe
2015-04-17 03:16:47 ----D---- C:\Windows\AppCompat
2015-04-17 03:13:48 ----D---- C:\Windows\rescache
2015-04-17 00:01:20 ----D---- C:\Windows\system32\LogFiles
2015-04-16 21:43:37 ----D---- C:\Windows\Speech
2015-04-16 21:38:42 ----D---- C:\ProgramData\Package Cache
2015-04-16 21:38:40 ----D---- C:\ProgramData\Avira
2015-04-16 21:38:38 ----D---- C:\Program Files (x86)\Avira
2015-04-16 21:32:05 ----D---- C:\Users\Tom\AppData\Roaming\uTorrent
2015-04-16 21:31:45 ----D---- C:\Windows\Logs
2015-04-16 21:31:45 ----D---- C:\Windows\debug
2015-04-16 18:16:49 ----D---- C:\ProgramData\Orbit
2015-04-16 15:39:25 ----D---- C:\Windows\Microsoft.NET
2015-04-16 15:38:09 ----RSD---- C:\Windows\assembly
2015-04-16 09:55:25 ----D---- C:\Windows\system32\DriverStore
2015-04-16 09:52:15 ----D---- C:\ProgramData\Origin
2015-04-16 09:38:40 ----D---- C:\Program Files (x86)\Origin
2015-04-16 09:30:21 ----D---- C:\Windows\winsxs
2015-04-16 09:28:12 ----SD---- C:\Windows\system32\CompatTel
2015-04-16 09:28:12 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-16 09:28:12 ----D---- C:\Windows\system32\cs-CZ
2015-04-16 09:28:12 ----D---- C:\Windows\system32\appraiser
2015-04-16 09:28:12 ----D---- C:\Windows\PolicyDefinitions
2015-04-16 09:28:10 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 09:28:10 ----D---- C:\Program Files\Internet Explorer
2015-04-16 09:28:09 ----D---- C:\Windows\system32\en-US
2015-04-16 09:28:09 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 23:48:17 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 23:47:27 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 23:44:12 ----RD---- C:\Program Files (x86)\Skype
2015-04-15 23:44:09 ----D---- C:\ProgramData\Skype
2015-04-15 23:43:48 ----D---- C:\Windows\system32\MRT
2015-04-15 23:37:41 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 23:37:35 ----A---- C:\Windows\win.ini
2015-04-15 07:26:00 ----D---- C:\Windows\system32\catroot2
2015-04-09 11:16:42 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-04-09 11:06:25 ----D---- C:\Program Files\Microsoft Office 15
2015-04-07 16:19:59 ----RSD---- C:\Windows\Fonts
2015-04-06 23:09:19 ----D---- C:\Users\Tom\AppData\Roaming\Skype
2015-04-03 20:28:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-01 21:49:03 ----D---- C:\Program Files (x86)\Google
2015-04-01 12:02:13 ----D---- C:\Users\Tom\AppData\Roaming\Avira
2015-03-25 04:16:47 ----D---- C:\Windows\system32\wbem
2015-03-24 19:16:13 ----A---- C:\Windows\SYSWOW64\imslevel.dll
2015-03-24 19:16:13 ----A---- C:\Windows\SYSWOW64\imsaiff.dll
2015-03-24 19:16:03 ----A---- C:\Windows\SYSWOW64\DGRip.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 HybridDisk;HybridDisk; C:\Windows\System32\DRIVERS\HybridDiskX64.sys [2010-03-03 38496]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-30 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2012-08-12 39008]
R0 NSD;NSD; C:\Windows\system32\drivers\nsd.sys [2011-12-24 24160]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-07-02 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-03-05 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-11-25 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2015-01-30 20184]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2015-01-30 792648]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2015-01-30 45880]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2012-11-16 31344]
R1 hybridcfile;hybridcfile; C:\Windows\system32\DRIVERS\HybridCFileX64.sys [2010-03-03 13920]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2015-01-30 104608]
R1 Nsdfltr;Nsdfltr; C:\Windows\system32\drivers\Nsdfltr.sys [2011-12-22 59488]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-03-05 128536]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2012-08-12 30816]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-12-05 195584]
R3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver; C:\Windows\system32\DRIVERS\BazisVirtualCDBus.sys [2011-08-08 198480]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 hswpan;WPAN Driver; C:\Windows\system32\DRIVERS\hswpan.sys [2012-01-27 109056]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2012-08-20 90112]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-10-10 5343584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-03 4730344]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
R3 iwdbus;IWD Bus Enumerator; C:\Windows\system32\DRIVERS\iwdbus.sys [2012-01-27 25496]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-03-02 104048]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-12-02 11417088]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 rtsuvc;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\rtsuvc.sys [2011-09-06 8208488]
R3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys [2015-04-06 38992]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-12-16 411920]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2015-04-16 27136]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys []
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol; C:\Windows\system32\DRIVERS\amppal.sys [2011-12-05 195584]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2012-02-02 134696]
S3 BRDriver64;BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [2014-09-25 75048]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-10-10 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-02-02 615976]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-02-02 184360]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2012-02-02 211496]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-02-02 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-02-02 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-10-30 14336]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2010-10-08 32768]
S3 huawei_cdcacm;huawei_cdcacm; C:\Windows\system32\DRIVERS\ew_jucdcacm.sys [2012-08-20 104960]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\Windows\system32\DRIVERS\ew_juextctrl.sys [2012-08-20 30720]
S3 huawei_wwanecm;huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [2012-12-03 241152]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2011-12-31 225920]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2012-01-27 34200]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2013-07-25 23040]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-04-16 35064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [2011-08-18 819976]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-12-05 659968]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-12-05 135952]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2012-02-02 945440]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-04-08 2714800]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2015-02-10 7618952]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2013-01-24 65536]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-12-08 618256]
R2 HWDeviceService64.exe;HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-28 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-02-28 277784]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2012-06-21 69640]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 18956064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 PanService;PandoraService; C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-09-28 625304]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-08-13 76888]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-12-08 148752]
R3 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-04-01 434424]
R3 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-04-01 434424]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-09-01 640840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 NSDSvc;Fast boot service of lenovo; C:\Windows\System32\NSDSvc.exe [2011-12-24 120160]
S2 O2 Internet. RunOuc;O2 Internet. OUC; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe []
S2 PinnacleUpdateSvc;PinnacleUpdate Service; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [2011-05-09 430080]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-04-01 815920]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 BRSptSvc;BitRaider Mini-Support Service; C:\ProgramData\BitRaider\BRSptSvc.exe [2014-09-25 477960]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2015-02-10 2265304]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-10-10 277024]
S3 Disconnect Desktop Updater;Disconnect Desktop Updater; C:\Program Files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [2015-04-16 358400]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-03-03 654848]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-15 114688]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-12-08 273168]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\Disconnect\Disconnect Desktop\openvpn\bin\openvpnserv.exe [2015-04-16 32568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-03-02 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2014-03-02 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-02-15 543144]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-03-20 746392]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola logu RSIT

#2 Příspěvek od Roli »

Zdravím, smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


V Plánovači úloh zakaž : Facebook Update a Google Update oboje tam bude vícekrát.


Stáhni a ulož na plochu AdwCleaner,

ukonči všechny programy včetně prohlížeče a dvojklikem jej spusť,

objeví se okno kde vlevo nahoře klikni na Scan.

Po dokončení skenu klikni na Clean,

proběhne restart PC kdy dojde ke smazání nepořádku.

Po té mi sem zkopíruj Report.


Nakonec použij Mbam z mého popdisu a dej mi sem z něj log, předem nic nemazat !
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Re: Kontrola logu RSIT

#3 Příspěvek od INCVBVS »

# AdwCleaner v4.201 - Log vytvořen 18/04/2015 v 21:18:49
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-18.3 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Tom - TOM-PC
# Spuštěno z : C:\Users\Tom\Desktop\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : PanService

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files (x86)\Amazon\ABB
Složka Smazáno : C:\Program Files (x86)\PANDORA.TV
Složka Smazáno : C:\Windows\Util
Složka Smazáno : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
Soubor Smazáno : C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\OCS
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\PIP
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Google Chrome v42.0.2311.90

[C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : pbjikboenpfhbbejgkoklgkhjpfogcam
[C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : kbfnbcaeplbcioakkpcpgfkobkghlhen

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [316 bytů] - [16/04/2015 22:23:04]
AdwCleaner[R1].txt - [316 bytů] - [16/04/2015 22:24:04]
AdwCleaner[R2].txt - [316 bytů] - [16/04/2015 22:25:15]
AdwCleaner[R3].txt - [314 bytů] - [16/04/2015 22:40:10]
AdwCleaner[R4].txt - [2272 bytů] - [18/04/2015 21:15:40]
AdwCleaner[R5].txt - [2330 bytů] - [18/04/2015 21:17:50]
AdwCleaner[S0].txt - [2112 bytů] - [18/04/2015 21:18:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2170 bytů] ##########
Nahoru
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Re: Kontrola logu RSIT

#4 Příspěvek od INCVBVS »

Ahoj,

bohužel zatím nemůžu poslat log z MBAM, protože to nikdy neprojde přes file scan. Nechal jsem to i přes noc, ale vždycky se to po cca hodině zasekne a nechce to dál. Nejdřív se to zastavilo při scanu složek Comodo Firewall, a poté co jsem tam dal výjimkou, tak se to seklo u nějakýho souboru ze složky WestenDigital. :((
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola logu RSIT

#5 Příspěvek od Roli »

INCVBVS píše:Ahoj,

bohužel zatím nemůžu poslat log z MBAM, protože to nikdy neprojde přes file scan. Nechal jsem to i přes noc, ale vždycky se to po cca hodině zasekne a nechce to dál. Nejdřív se to zastavilo při scanu složek Comodo Firewall, a poté co jsem tam dal výjimkou, tak se to seklo u nějakýho souboru ze složky WestenDigital. :((
Ahoj,

tak zkus Mbam spustit v Nouzáku.
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Re: Kontrola logu RSIT

#6 Příspěvek od INCVBVS »

Ahoj :) ,
ani to bohužel nepomohlo a scan se nedokončil :/
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola logu RSIT

#7 Příspěvek od Roli »

Tak jinak.


Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Re: Kontrola logu RSIT

#8 Příspěvek od INCVBVS »

ComboFix 15-04-16.01 - Tom 24.04.2015 14:02:24.2.4 - x64
Spuštěný z: c:\users\Tom\Downloads\ComboFix.exe
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-24 do 2015-04-24 )))))))))))))))))))))))))))))))
.
.
2015-04-24 12:30 . 2015-04-24 12:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-18 20:05 . 2015-04-20 16:44 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-18 20:05 . 2015-04-18 20:05 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-04-18 20:05 . 2015-04-18 20:05 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-18 20:05 . 2015-04-18 20:05 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-18 19:19 . 2015-04-24 11:41 -------- d-----w- c:\users\Tom\AppData\Local\CrashDumps
2015-04-18 11:22 . 2015-04-18 11:23 -------- d-----w- C:\rsit
2015-04-18 11:22 . 2015-04-18 11:23 -------- d-----w- c:\program files\trend micro
2015-04-18 11:16 . 2015-04-18 11:16 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-04-18 11:11 . 2015-04-18 11:11 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2015-04-16 20:29 . 2015-04-16 20:29 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-04-16 20:29 . 2015-04-16 20:37 -------- d-----w- c:\programdata\RogueKiller
2015-04-16 20:23 . 2015-04-18 19:18 -------- d-----w- C:\AdwCleaner
2015-04-16 19:52 . 2015-04-16 19:52 -------- d-----w- C:\RegBackup
2015-04-16 14:19 . 2015-04-16 14:31 -------- d---a-r- c:\program files (x86)\Watch_Dogs
2015-04-16 07:56 . 2015-04-19 21:16 -------- d-----w- c:\users\Tom\AppData\Local\Disconnect Desktop
2015-04-16 07:56 . 2015-04-16 07:56 -------- d-----w- c:\programdata\Caphyon
2015-04-16 07:55 . 2015-04-16 07:56 -------- d-----w- c:\program files\TAP-Windows
2015-04-16 07:54 . 2015-04-16 07:54 -------- d-----w- c:\program files (x86)\Disconnect
2015-04-16 07:54 . 2015-04-16 07:54 -------- d-----w- c:\users\Tom\AppData\Roaming\Disconnect
2015-04-15 05:55 . 2015-04-15 05:55 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-04-15 05:53 . 2015-04-15 05:53 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 05:52 . 2015-04-15 05:52 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 05:47 . 2015-04-15 05:47 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 05:47 . 2015-04-15 05:47 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-15 05:47 . 2015-04-15 05:47 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-06 11:54 . 2015-04-06 11:54 -------- d-----w- c:\programdata\Screaming Bee
2015-04-06 11:53 . 2015-04-06 11:54 -------- d-----w- c:\users\Tom\AppData\Roaming\Screaming Bee
2015-04-04 23:14 . 2015-04-04 23:14 -------- d-s---w- c:\windows\system32\GWX
2015-04-04 23:14 . 2015-04-04 23:14 -------- d-s---w- c:\windows\SysWow64\GWX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-23 07:36 . 2012-11-28 23:17 119296 ----a-w- c:\windows\SysWow64\zlib.dll
2015-04-18 20:05 . 2013-05-05 13:30 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-18 11:15 . 2014-10-28 14:22 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-16 07:55 . 2014-04-08 13:33 27136 ----a-w- c:\windows\system32\drivers\tap0901.sys
2015-04-15 21:37 . 2012-11-18 10:44 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-04-15 05:53 . 2015-04-15 05:53 341504 ----a-w- c:\windows\system32\schannel.dll
2015-04-15 05:53 . 2015-04-15 05:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-04-15 05:53 . 2015-04-15 05:53 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-04-08 18:05 . 2014-03-31 18:41 627912 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-04-06 11:53 . 2010-07-01 13:21 38992 ----a-w- c:\windows\system32\drivers\ScreamingBAudio64.sys
2015-04-03 18:28 . 2012-11-16 10:06 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-03 18:28 . 2012-11-16 10:06 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-01 17:49 . 2012-11-07 22:38 104608 ----a-w- c:\windows\system32\drivers\inspect.sys
2015-04-01 17:49 . 2012-11-07 22:38 45880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2015-04-01 17:49 . 2012-11-07 22:38 797280 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2015-04-01 17:49 . 2012-11-07 22:37 20696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2015-04-01 17:48 . 2012-11-07 22:37 41248 ----a-w- c:\windows\system32\cmdcsr.dll
2015-04-01 17:48 . 2012-11-07 22:37 444472 ----a-w- c:\windows\SysWow64\guard32.dll
2015-04-01 17:48 . 2012-11-07 22:37 576848 ----a-w- c:\windows\system32\guard64.dll
2015-04-01 17:47 . 2014-06-09 20:41 358104 ----a-w- c:\windows\system32\cmdvrt64.dll
2015-04-01 17:46 . 2014-06-09 20:41 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2015-04-01 17:45 . 2014-06-09 20:41 288472 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2015-04-01 17:45 . 2014-06-09 20:41 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2015-03-24 17:16 . 2015-03-24 17:16 178512 ----a-w- c:\windows\SysWow64\msmask32.ocx
2015-03-24 17:16 . 2013-06-11 18:49 659264 ----a-w- c:\windows\SysWow64\mscomct2.ocx
2015-03-24 17:16 . 2015-03-24 17:16 215880 ----a-w- c:\windows\SysWow64\MCI32.OCX
2015-03-24 17:16 . 2015-03-24 17:16 70656 ----a-w- c:\windows\SysWow64\imsfchk.dll
2015-03-24 17:16 . 2013-06-11 18:49 57344 ----a-w- c:\windows\SysWow64\imsaiff.dll
2015-03-24 17:16 . 2013-06-11 18:49 34304 ----a-w- c:\windows\SysWow64\imslevel.dll
2015-03-24 17:16 . 2012-11-28 23:17 155984 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2015-03-24 17:16 . 2013-06-11 18:49 579504 ----a-w- c:\windows\SysWow64\Codejock.SkinFramework.Unicode.v13.3.1.ocx
2015-03-24 17:16 . 2013-06-11 18:49 53248 ----a-w- c:\windows\SysWow64\AudioCDRipStan2.ocx
2015-03-24 17:16 . 2013-06-11 18:49 274432 ----a-w- c:\windows\SysWow64\ADec3.ocx
2015-03-24 17:16 . 2013-06-11 18:49 36864 ----a-w- c:\windows\SysWow64\DGRip.dll
2015-03-11 13:28 . 2015-03-11 13:28 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-03-11 13:28 . 2015-03-11 13:28 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-03-11 13:28 . 2015-03-11 13:28 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-03-11 13:28 . 2015-03-11 13:28 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-03-11 13:28 . 2015-03-11 13:28 616360 ----a-w- c:\windows\system32\winresume.efi
2015-03-11 13:28 . 2015-03-11 13:28 4121600 ----a-w- c:\windows\system32\mf.dll
2015-03-11 13:28 . 2015-03-11 13:28 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-03-11 13:28 . 2015-03-11 13:28 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-03-11 13:28 . 2015-03-11 13:28 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-03-11 13:28 . 2015-03-11 13:28 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-03-11 13:28 . 2015-03-11 13:28 988160 ----a-w- c:\windows\SysWow64\drmv2clt.dll
2015-03-11 13:28 . 2015-03-11 13:28 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-03-11 13:28 . 2015-03-11 13:28 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-03-11 13:28 . 2015-03-11 13:28 744960 ----a-w- c:\windows\SysWow64\blackbox.dll
2015-03-11 13:28 . 2015-03-11 13:28 693176 ----a-w- c:\windows\system32\winload.efi
2015-03-11 13:28 . 2015-03-11 13:28 680960 ----a-w- c:\windows\system32\audiosrv.dll
2015-03-11 13:28 . 2015-03-11 13:28 641024 ----a-w- c:\windows\system32\msscp.dll
2015-03-11 13:28 . 2015-03-11 13:28 619056 ----a-w- c:\windows\system32\winload.exe
2015-03-11 13:28 . 2015-03-11 13:28 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-03-11 13:28 . 2015-03-11 13:28 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-03-11 13:28 . 2015-03-11 13:28 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-03-11 13:28 . 2015-03-11 13:28 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-03-11 13:28 . 2015-03-11 13:28 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-03-11 13:28 . 2015-03-11 13:28 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-03-11 13:28 . 2015-03-11 13:28 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-03-11 13:28 . 2015-03-11 13:28 1005056 ----a-w- c:\windows\SysWow64\cryptui.dll
2015-03-11 13:28 . 2015-03-11 13:28 617984 ----a-w- c:\windows\SysWow64\wmdrmsdk.dll
2015-03-11 13:28 . 2015-03-11 13:28 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-03-11 13:28 . 2015-03-11 13:28 631808 ----a-w- c:\windows\system32\evr.dll
2015-03-11 13:28 . 2015-03-11 13:28 504320 ----a-w- c:\windows\SysWow64\msscp.dll
2015-03-11 13:28 . 2015-03-11 13:28 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-03-11 13:28 . 2015-03-11 13:28 489984 ----a-w- c:\windows\SysWow64\evr.dll
2015-03-11 13:28 . 2015-03-11 13:28 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-03-11 13:28 . 2015-03-11 13:28 406016 ----a-w- c:\windows\SysWow64\drmmgrtn.dll
2015-03-11 13:28 . 2015-03-11 13:28 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-03-11 13:28 . 2015-03-11 13:28 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
2015-03-11 13:28 . 2015-03-11 13:28 296448 ----a-w- c:\windows\system32\AudioSes.dll
2015-03-11 13:28 . 2015-03-11 13:28 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-03-11 13:28 . 2015-03-11 13:28 126464 ----a-w- c:\windows\system32\audiodg.exe
2015-03-11 13:28 . 2015-03-11 13:28 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-03-11 13:28 . 2015-03-11 13:28 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-03-11 13:28 . 2015-03-11 13:28 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-03-11 13:28 . 2015-03-11 13:28 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-03-11 13:28 . 2015-03-11 13:28 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2015-03-11 13:28 . 2015-03-11 13:28 440832 ----a-w- c:\windows\system32\AudioEng.dll
2015-03-11 13:28 . 2015-03-11 13:28 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2015-03-11 13:28 . 2015-03-11 13:28 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-03-11 13:28 . 2015-03-11 13:28 265216 ----a-w- c:\windows\SysWow64\msnetobj.dll
2015-03-11 13:28 . 2015-03-11 13:28 9728 ----a-w- c:\windows\system32\pcalua.exe
2015-03-11 13:28 . 2015-03-11 13:28 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-03-11 13:28 . 2015-03-11 13:28 81408 ----a-w- c:\windows\SysWow64\cryptsp.dll
2015-03-11 13:28 . 2015-03-11 13:28 663552 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-03-11 13:28 . 2015-03-11 13:28 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-03-11 13:28 . 2015-03-11 13:28 58880 ----a-w- c:\windows\system32\appidapi.dll
2015-03-11 13:28 . 2015-03-11 13:28 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-03-11 13:28 . 2015-03-11 13:28 32256 ----a-w- c:\windows\system32\appidsvc.dll
2015-03-11 13:28 . 2015-03-11 13:28 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-03-11 13:28 . 2015-03-11 13:28 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-03-11 13:28 . 2015-03-11 13:28 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-03-11 13:28 . 2015-03-11 13:28 206848 ----a-w- c:\windows\system32\mfps.dll
2015-03-11 13:28 . 2015-03-11 13:28 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2015-03-11 13:28 . 2015-03-11 13:28 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-03-11 13:28 . 2015-03-11 13:28 11264 ----a-w- c:\windows\system32\pcawrk.exe
2015-03-11 13:28 . 2015-03-11 13:28 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-03-11 13:28 . 2015-03-11 13:28 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-03-11 13:28 . 2015-03-11 13:28 9728 ----a-w- c:\windows\system32\spwmp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-08 18:09 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-08 18:09 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-08 18:09 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Iconoid"="c:\program files\Iconoid\iconoid64.exe" [2010-08-21 313344]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-26 337776]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-04-01 726320]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 O2 Internet. RunOuc;O2 Internet. OUC;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 Disconnect Desktop Updater;Disconnect Desktop Updater;c:\program files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe;c:\program files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridDiskX64.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys;c:\windows\SYSNATIVE\drivers\nsd.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy2.sys [x]
S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridCFileX64.sys [x]
S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys;c:\windows\SYSNATIVE\drivers\Nsdfltr.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;c:\program files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe;c:\windows\SYSNATIVE\NSDSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [x]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\DRIVERS\BazisVirtualCDBus.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 hswpan;WPAN Driver;c:\windows\system32\DRIVERS\hswpan.sys;c:\windows\SYSNATIVE\DRIVERS\hswpan.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-14 19:33 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001Core.job
- c:\users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-18 21:14]
.
2015-04-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001UA.job
- c:\users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-18 21:14]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-12 15:09]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-12 15:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-08 18:10 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-08 18:10 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-08 18:10 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-08-12 02:01 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-12 789856]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-12 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-12 6202416]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2015-04-20 1426136]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: sharepoint.com\postamup
Trusted Zone: sharepoint.com\postamup-my
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - c:\program files (x86)\PANDORA.TV\PanService\unins000.exe
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4278382827-3677677437-3471914965-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4a,4d,f1,c0,e7,db,72,3c,1c,05,54,28,6c,62,a5,27,4c,7f,8d,70,01,ba,9f,
77,92,29,0f,b7,49,0a,37,c0,07,fd,05,f3,35,bb,ef,46,b6,98,9c,f4,bc,5e,a0,17,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2015-04-24 14:57:38
ComboFix-quarantined-files.txt 2015-04-24 12:57
ComboFix2.txt 2015-04-17 10:05
.
Před spuštěním: Volných bajtů: 150 029 344 768
Po spuštění: Volných bajtů: 150 435 672 064
.
- - End Of File - - 050787FC9205A14CE4B8C3F3BA13BE7D
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola logu RSIT

#9 Příspěvek od Roli »

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

RegLock:: 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:

Obrázek

Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

:commands
[purity]
[emptytemp]
[start explorer]
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem zkopíruj obsah logu uloženého na C:\_OTMoveIt\MovedFiles\
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Re: Kontrola logu RSIT

#10 Příspěvek od INCVBVS »

ComboFix 15-04-16.01 - Tom 25.04.2015 20:30:12.3.4 - x64
Spuštěný z: c:\users\Tom\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Tom\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2015-03-25 do 2015-04-25 )))))))))))))))))))))))))))))))
.
.
2015-04-25 18:46 . 2015-04-25 18:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-18 20:05 . 2015-04-20 16:44 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-18 20:05 . 2015-04-18 20:05 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-04-18 20:05 . 2015-04-18 20:05 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-04-18 20:05 . 2015-04-18 20:05 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-04-18 19:19 . 2015-04-25 18:47 -------- d-----w- c:\users\Tom\AppData\Local\CrashDumps
2015-04-18 11:22 . 2015-04-18 11:23 -------- d-----w- C:\rsit
2015-04-18 11:22 . 2015-04-18 11:23 -------- d-----w- c:\program files\trend micro
2015-04-18 11:16 . 2015-04-18 11:16 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-04-18 11:11 . 2015-04-18 11:11 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2015-04-16 20:29 . 2015-04-16 20:29 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2015-04-16 20:29 . 2015-04-16 20:37 -------- d-----w- c:\programdata\RogueKiller
2015-04-16 20:23 . 2015-04-18 19:18 -------- d-----w- C:\AdwCleaner
2015-04-16 19:52 . 2015-04-16 19:52 -------- d-----w- C:\RegBackup
2015-04-16 14:19 . 2015-04-16 14:31 -------- d---a-r- c:\program files (x86)\Watch_Dogs
2015-04-16 07:56 . 2015-04-19 21:16 -------- d-----w- c:\users\Tom\AppData\Local\Disconnect Desktop
2015-04-16 07:56 . 2015-04-16 07:56 -------- d-----w- c:\programdata\Caphyon
2015-04-16 07:55 . 2015-04-16 07:56 -------- d-----w- c:\program files\TAP-Windows
2015-04-16 07:54 . 2015-04-16 07:54 -------- d-----w- c:\program files (x86)\Disconnect
2015-04-16 07:54 . 2015-04-16 07:54 -------- d-----w- c:\users\Tom\AppData\Roaming\Disconnect
2015-04-15 05:55 . 2015-04-15 05:55 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-04-15 05:53 . 2015-04-15 05:53 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 05:52 . 2015-04-15 05:52 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 05:47 . 2015-04-15 05:47 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 05:47 . 2015-04-15 05:47 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-15 05:47 . 2015-04-15 05:47 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-06 11:54 . 2015-04-06 11:54 -------- d-----w- c:\programdata\Screaming Bee
2015-04-06 11:53 . 2015-04-06 11:54 -------- d-----w- c:\users\Tom\AppData\Roaming\Screaming Bee
2015-04-04 23:14 . 2015-04-04 23:14 -------- d-s---w- c:\windows\system32\GWX
2015-04-04 23:14 . 2015-04-04 23:14 -------- d-s---w- c:\windows\SysWow64\GWX
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-23 07:36 . 2012-11-28 23:17 119296 ----a-w- c:\windows\SysWow64\zlib.dll
2015-04-18 20:05 . 2013-05-05 13:30 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-04-18 11:15 . 2014-10-28 14:22 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-16 07:55 . 2014-04-08 13:33 27136 ----a-w- c:\windows\system32\drivers\tap0901.sys
2015-04-15 21:37 . 2012-11-18 10:44 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-04-15 05:53 . 2015-04-15 05:53 341504 ----a-w- c:\windows\system32\schannel.dll
2015-04-15 05:53 . 2015-04-15 05:53 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-04-15 05:53 . 2015-04-15 05:53 248832 ----a-w- c:\windows\SysWow64\schannel.dll
2015-04-08 18:05 . 2014-03-31 18:41 627912 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-04-06 11:53 . 2010-07-01 13:21 38992 ----a-w- c:\windows\system32\drivers\ScreamingBAudio64.sys
2015-04-03 18:28 . 2012-11-16 10:06 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-03 18:28 . 2012-11-16 10:06 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-01 17:49 . 2012-11-07 22:38 104608 ----a-w- c:\windows\system32\drivers\inspect.sys
2015-04-01 17:49 . 2012-11-07 22:38 45880 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2015-04-01 17:49 . 2012-11-07 22:38 797280 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2015-04-01 17:49 . 2012-11-07 22:37 20696 ----a-w- c:\windows\system32\drivers\cmderd.sys
2015-04-01 17:48 . 2012-11-07 22:37 41248 ----a-w- c:\windows\system32\cmdcsr.dll
2015-04-01 17:48 . 2012-11-07 22:37 444472 ----a-w- c:\windows\SysWow64\guard32.dll
2015-04-01 17:48 . 2012-11-07 22:37 576848 ----a-w- c:\windows\system32\guard64.dll
2015-04-01 17:47 . 2014-06-09 20:41 358104 ----a-w- c:\windows\system32\cmdvrt64.dll
2015-04-01 17:46 . 2014-06-09 20:41 45784 ----a-w- c:\windows\system32\cmdkbd64.dll
2015-04-01 17:45 . 2014-06-09 20:41 288472 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2015-04-01 17:45 . 2014-06-09 20:41 40664 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2015-03-24 17:16 . 2015-03-24 17:16 178512 ----a-w- c:\windows\SysWow64\msmask32.ocx
2015-03-24 17:16 . 2013-06-11 18:49 659264 ----a-w- c:\windows\SysWow64\mscomct2.ocx
2015-03-24 17:16 . 2015-03-24 17:16 215880 ----a-w- c:\windows\SysWow64\MCI32.OCX
2015-03-24 17:16 . 2015-03-24 17:16 70656 ----a-w- c:\windows\SysWow64\imsfchk.dll
2015-03-24 17:16 . 2013-06-11 18:49 57344 ----a-w- c:\windows\SysWow64\imsaiff.dll
2015-03-24 17:16 . 2013-06-11 18:49 34304 ----a-w- c:\windows\SysWow64\imslevel.dll
2015-03-24 17:16 . 2012-11-28 23:17 155984 ----a-w- c:\windows\SysWow64\COMDLG32.OCX
2015-03-24 17:16 . 2013-06-11 18:49 579504 ----a-w- c:\windows\SysWow64\Codejock.SkinFramework.Unicode.v13.3.1.ocx
2015-03-24 17:16 . 2013-06-11 18:49 53248 ----a-w- c:\windows\SysWow64\AudioCDRipStan2.ocx
2015-03-24 17:16 . 2013-06-11 18:49 274432 ----a-w- c:\windows\SysWow64\ADec3.ocx
2015-03-24 17:16 . 2013-06-11 18:49 36864 ----a-w- c:\windows\SysWow64\DGRip.dll
2015-03-11 13:28 . 2015-03-11 13:28 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-03-11 13:28 . 2015-03-11 13:28 1480192 ----a-w- c:\windows\system32\crypt32.dll
2015-03-11 13:28 . 2015-03-11 13:28 1174528 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-03-11 13:28 . 2015-03-11 13:28 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-03-11 13:28 . 2015-03-11 13:28 616360 ----a-w- c:\windows\system32\winresume.efi
2015-03-11 13:28 . 2015-03-11 13:28 4121600 ----a-w- c:\windows\system32\mf.dll
2015-03-11 13:28 . 2015-03-11 13:28 14632960 ----a-w- c:\windows\system32\wmp.dll
2015-03-11 13:28 . 2015-03-11 13:28 1574400 ----a-w- c:\windows\system32\quartz.dll
2015-03-11 13:28 . 2015-03-11 13:28 1329664 ----a-w- c:\windows\SysWow64\quartz.dll
2015-03-11 13:28 . 2015-03-11 13:28 1202176 ----a-w- c:\windows\system32\drmv2clt.dll
2015-03-11 13:28 . 2015-03-11 13:28 988160 ----a-w- c:\windows\SysWow64\drmv2clt.dll
2015-03-11 13:28 . 2015-03-11 13:28 842240 ----a-w- c:\windows\system32\blackbox.dll
2015-03-11 13:28 . 2015-03-11 13:28 782848 ----a-w- c:\windows\system32\wmdrmsdk.dll
2015-03-11 13:28 . 2015-03-11 13:28 744960 ----a-w- c:\windows\SysWow64\blackbox.dll
2015-03-11 13:28 . 2015-03-11 13:28 693176 ----a-w- c:\windows\system32\winload.efi
2015-03-11 13:28 . 2015-03-11 13:28 680960 ----a-w- c:\windows\system32\audiosrv.dll
2015-03-11 13:28 . 2015-03-11 13:28 641024 ----a-w- c:\windows\system32\msscp.dll
2015-03-11 13:28 . 2015-03-11 13:28 619056 ----a-w- c:\windows\system32\winload.exe
2015-03-11 13:28 . 2015-03-11 13:28 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2015-03-11 13:28 . 2015-03-11 13:28 229376 ----a-w- c:\windows\system32\wintrust.dll
2015-03-11 13:28 . 2015-03-11 13:28 188416 ----a-w- c:\windows\system32\pcasvc.dll
2015-03-11 13:28 . 2015-03-11 13:28 179200 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-03-11 13:28 . 2015-03-11 13:28 140288 ----a-w- c:\windows\system32\cryptnet.dll
2015-03-11 13:28 . 2015-03-11 13:28 1069056 ----a-w- c:\windows\system32\cryptui.dll
2015-03-11 13:28 . 2015-03-11 13:28 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-03-11 13:28 . 2015-03-11 13:28 1005056 ----a-w- c:\windows\SysWow64\cryptui.dll
2015-03-11 13:28 . 2015-03-11 13:28 617984 ----a-w- c:\windows\SysWow64\wmdrmsdk.dll
2015-03-11 13:28 . 2015-03-11 13:28 497664 ----a-w- c:\windows\system32\drmmgrtn.dll
2015-03-11 13:28 . 2015-03-11 13:28 631808 ----a-w- c:\windows\system32\evr.dll
2015-03-11 13:28 . 2015-03-11 13:28 504320 ----a-w- c:\windows\SysWow64\msscp.dll
2015-03-11 13:28 . 2015-03-11 13:28 500224 ----a-w- c:\windows\system32\AUDIOKSE.dll
2015-03-11 13:28 . 2015-03-11 13:28 489984 ----a-w- c:\windows\SysWow64\evr.dll
2015-03-11 13:28 . 2015-03-11 13:28 432128 ----a-w- c:\windows\system32\mfplat.dll
2015-03-11 13:28 . 2015-03-11 13:28 406016 ----a-w- c:\windows\SysWow64\drmmgrtn.dll
2015-03-11 13:28 . 2015-03-11 13:28 371712 ----a-w- c:\windows\system32\qdvd.dll
2015-03-11 13:28 . 2015-03-11 13:28 354816 ----a-w- c:\windows\SysWow64\mfplat.dll
2015-03-11 13:28 . 2015-03-11 13:28 296448 ----a-w- c:\windows\system32\AudioSes.dll
2015-03-11 13:28 . 2015-03-11 13:28 143872 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-03-11 13:28 . 2015-03-11 13:28 126464 ----a-w- c:\windows\system32\audiodg.exe
2015-03-11 13:28 . 2015-03-11 13:28 325632 ----a-w- c:\windows\system32\msnetobj.dll
2015-03-11 13:28 . 2015-03-11 13:28 187904 ----a-w- c:\windows\system32\cryptsvc.dll
2015-03-11 13:28 . 2015-03-11 13:28 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-03-11 13:28 . 2015-03-11 13:28 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-03-11 13:28 . 2015-03-11 13:28 442880 ----a-w- c:\windows\SysWow64\AUDIOKSE.dll
2015-03-11 13:28 . 2015-03-11 13:28 440832 ----a-w- c:\windows\system32\AudioEng.dll
2015-03-11 13:28 . 2015-03-11 13:28 374784 ----a-w- c:\windows\SysWow64\AudioEng.dll
2015-03-11 13:28 . 2015-03-11 13:28 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-03-11 13:28 . 2015-03-11 13:28 265216 ----a-w- c:\windows\SysWow64\msnetobj.dll
2015-03-11 13:28 . 2015-03-11 13:28 9728 ----a-w- c:\windows\system32\pcalua.exe
2015-03-11 13:28 . 2015-03-11 13:28 82432 ----a-w- c:\windows\system32\cryptsp.dll
2015-03-11 13:28 . 2015-03-11 13:28 81408 ----a-w- c:\windows\SysWow64\cryptsp.dll
2015-03-11 13:28 . 2015-03-11 13:28 663552 ----a-w- c:\windows\system32\drivers\PEAuth.sys
2015-03-11 13:28 . 2015-03-11 13:28 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-03-11 13:28 . 2015-03-11 13:28 58880 ----a-w- c:\windows\system32\appidapi.dll
2015-03-11 13:28 . 2015-03-11 13:28 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-03-11 13:28 . 2015-03-11 13:28 32256 ----a-w- c:\windows\system32\appidsvc.dll
2015-03-11 13:28 . 2015-03-11 13:28 284672 ----a-w- c:\windows\system32\EncDump.dll
2015-03-11 13:28 . 2015-03-11 13:28 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-03-11 13:28 . 2015-03-11 13:28 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-03-11 13:28 . 2015-03-11 13:28 206848 ----a-w- c:\windows\system32\mfps.dll
2015-03-11 13:28 . 2015-03-11 13:28 195584 ----a-w- c:\windows\SysWow64\AudioSes.dll
2015-03-11 13:28 . 2015-03-11 13:28 146944 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-03-11 13:28 . 2015-03-11 13:28 11264 ----a-w- c:\windows\system32\pcawrk.exe
2015-03-11 13:28 . 2015-03-11 13:28 11264 ----a-w- c:\windows\system32\msmmsp.dll
2015-03-11 13:28 . 2015-03-11 13:28 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-03-11 13:28 . 2015-03-11 13:28 9728 ----a-w- c:\windows\system32\spwmp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-08 18:09 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-08 18:09 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-08 18:09 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Iconoid"="c:\program files\Iconoid\iconoid64.exe" [2010-08-21 313344]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-26 337776]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"Intelligent Touchpad"="c:\program files\Lenovo\Intelligent Touchpad\TouchZone.exe" [2011-12-08 291272]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-04-01 726320]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 O2 Internet. RunOuc;O2 Internet. OUC;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe;c:\program files (x86)\O2 Internet\UpdateDog\ouc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [x]
R3 Disconnect Desktop Updater;Disconnect Desktop Updater;c:\program files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe;c:\program files (x86)\Disconnect\Disconnect Desktop\Disconnect Desktop Updater.exe [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys;c:\windows\SYSNATIVE\DRIVERS\ewdcsc.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 HybridDisk;HybridDisk;c:\windows\System32\DRIVERS\HybridDiskX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridDiskX64.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 NSD;NSD;c:\windows\system32\drivers\nsd.sys;c:\windows\SYSNATIVE\drivers\nsd.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys;c:\windows\SYSNATIVE\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys;c:\windows\SYSNATIVE\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys;c:\windows\SYSNATIVE\DRIVERS\cmdhlp.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys;c:\windows\SYSNATIVE\DRIVERS\cnnctfy2.sys [x]
S1 hybridcfile;hybridcfile;c:\windows\system32\DRIVERS\HybridCFileX64.sys;c:\windows\SYSNATIVE\DRIVERS\HybridCFileX64.sys [x]
S1 Nsdfltr;Nsdfltr;c:\windows\system32\drivers\Nsdfltr.sys;c:\windows\SYSNATIVE\drivers\Nsdfltr.sys [x]
S2 ABBYY.Licensing.FineReader.Professional.11.0;ABBYY FineReader 11 PE Licensing Service;c:\program files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe;c:\program files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office ClickToRun;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe;c:\program files (x86)\Connectify\ConnectifyService.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NSDSvc;Fast boot service of lenovo;c:\windows\System32\NSDSvc.exe;c:\windows\SYSNATIVE\NSDSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [x]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\DRIVERS\BazisVirtualCDBus.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 hswpan;WPAN Driver;c:\windows\system32\DRIVERS\hswpan.sys;c:\windows\SYSNATIVE\DRIVERS\hswpan.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 rtsuvc;Lenovo EasyCamera;c:\windows\system32\DRIVERS\rtsuvc.sys;c:\windows\SYSNATIVE\DRIVERS\rtsuvc.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-14 19:33 988488 ----a-w- c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2015-04-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001Core.job
- c:\users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-18 21:14]
.
2015-04-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001UA.job
- c:\users\Tom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-18 21:14]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-12 15:09]
.
2015-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-12 15:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-08 18:10 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-08 18:10 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-08 18:10 2334928 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-08-12 02:01 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynLenovoGestureMgr"="c:\program files (x86)\Synaptics\SynTP\SynLenovoGestureMgr.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 12343400]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 1156712]
"OnekeyStudio"="c:\program files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe" [2012-08-12 789856]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-08-12 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-08-12 6202416]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2015-04-20 1426136]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-10-10 171040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-10-10 399392]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-10-10 441888]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uStart Page = hxxp://us.yahoo.com?fr=fp-comodo
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: sharepoint.com\postamup
Trusted Zone: sharepoint.com\postamup-my
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
AddRemove-4F6D5E84-5826-4394-9F40-3A9A19165651_is1 - c:\program files (x86)\PANDORA.TV\PanService\unins000.exe
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4278382827-3677677437-3471914965-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:4a,4d,f1,c0,e7,db,72,3c,1c,05,54,28,6c,62,a5,27,4c,7f,8d,70,01,ba,9f,
77,92,29,0f,b7,49,0a,37,c0,07,fd,05,f3,35,bb,ef,46,b6,98,9c,f4,bc,5e,a0,17,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\COMODO\CIS\Installer\Sym_Cam\CIS]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Configurations]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Data]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\cmdAgent\Mode\Options]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Cam]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\Software\COMODO\Firewall Pro]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,59,00,53,00,\
.
Celkový čas: 2015-04-25 21:13:11
ComboFix-quarantined-files.txt 2015-04-25 19:13
ComboFix2.txt 2015-04-24 12:58
ComboFix3.txt 2015-04-17 10:05
.
Před spuštěním: Volných bajtů: 150 247 305 216
Po spuštění: Volných bajtů: 150 159 917 056
.
- - End Of File - - 8F1BF4AD10053E758BE0C032D08B0266
Nahoru
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Re: Kontrola logu RSIT

#11 Příspěvek od INCVBVS »

OTM hází tuhle hlášku, když ho spustím :(
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola logu RSIT

#12 Příspěvek od Roli »

INCVBVS píše:OTM hází tuhle hlášku, když ho spustím :(
Zkus jej spustit v Nouzovém režimu.
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Re: Kontrola logu RSIT

#13 Příspěvek od INCVBVS »

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001Core.job moved successfully.
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4278382827-3677677437-3471914965-1001UA.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Tom
->Temp folder emptied: 25322 bytes
->Temporary Internet Files folder emptied: 840073 bytes
->Java cache emptied: 6964656 bytes
->Google Chrome cache emptied: 393691966 bytes
->Flash cache emptied: 506 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 97031974 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 64420 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42591403 bytes
RecycleBin emptied: 172858 bytes

Total Files Cleaned = 516,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 04302015_094313
Nahoru
Uživatelský avatar
Roli
VIP
VIP
Příspěvky: 13399
Registrován: 26 lis 2006 13:37
Bydliště: ČR

Re: Kontrola logu RSIT

#14 Příspěvek od Roli »

Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Spusť skener Cure It podle TOHOTO návodu

po skončení skenu mi sem nakopíruj výsledky - stačí konec logu se souhrnem.

(Upozornění je úchylně pomalý a je zapotřebí ho sledovat občas se na něco ptá)
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:
Nahoru
INCVBVS
Návštěvník
Návštěvník
Příspěvky: 16
Registrován: 18 dub 2015 12:20

Re: Kontrola logu RSIT

#15 Příspěvek od INCVBVS »

Ahoj, nevím zda jsem použil CureIt správně, novější verze vůbec neodpovídá návodu. Zaškrtal jsem všechny možnosti a spustil scan. Přesto posílám souhrn logu a kdyžtak to zkusím znova.

Total 17979966247 bytes in 29004 files scanned (35871 objects)
Total 28963 files (35823 objects) are clean
There are no infected objects detected
Total 48 files are raised error condition
Scan time is 00:28:01.720
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“