Dobrý den,
už zde toto téma bylo, nicméně je zamčené a dva příspěvky v něm mi nepomohly. Proto zakládám znova. Prosím o radu co dělat v případě opakovaného napadení virem "URL:Mal". Avast hlásí z různých serverů několikrát do hodiny (vždy objekt: http://getfilez.....), proces Firefox. Vzniklo při pokusu o instalaci jazykového balíčku pro zkušební verzi programu. "Jazykový balíček" nebyl oficiální produkt zhotovitele programu, zkušební verze je OK.
Dle informací zmíněného uzavřeného vlákna přikládám LOG textový soubor.
S pozdravem Václav Odvárka.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
URL:Mal
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: URL:Mal
Zdravím!
O které vlákno se jedná? Pokud mi to řeknete, bude odemčeno. Tento problém se řeší žádostí na moderátora, nebo admina o odemknutí.
O které vlákno se jedná? Pokud mi to řeknete, bude odemčeno. Tento problém se řeší žádostí na moderátora, nebo admina o odemknutí.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: URL:Mal
Dobré ráno.
Odkaz na vlákno zde: http://forum.viry.cz/viewtopic.php?f=13&t=132286
text LOG souboru zde:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vasek Odvarka at 2015-05-27 14:39:28
Microsoft Windows 8.1
System drive C: has 67 GB (58%) free of 114 GB
Total RAM: 8079 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:39:29, on 27. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\FreeCommander\FreeCommander.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Vasek Odvarka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hppp&ts=1 ... SBF319779T
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Startup: Dropbox.lnk = C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit (mi-raysat_3dsmax2010_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9989 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe" C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 724852b6-dc25-40e5-b2a2-9d6e7017536d 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
ngservice.exe pipeserver
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9d535689-9144-4dec-b6f6-375bf5868dda -SystemEventPortName:HostProcess-05215aa4-913f-4ed2-b988-2f156d924c85 -IoCancelEventPortName:HostProcess-404f7497-15c6-4dfc-aa91-23f17d9ebab0 -NonStateChangingEventPortName:HostProcess-95e43148-e9da-4c12-bcd3-f40a1f773f22 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:481ae476-d44a-4f91-8055-ae2111bf502e -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskeng.exe {580BF1D2-404A-43BA-AC72-6F682B1CB71D}
taskhostex.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
\??\C:\WINDOWS\system32\conhost.exe 0x4
igfxEM.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
KHALMNPR.EXE /API
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\FreeCommander\FreeCommander.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Vasek Odvarka\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Vasek Odvarka\AppData\Roaming\Mozilla\Firefox\Profiles\jobmmbva.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
C:\Users\Vasek Odvarka\AppData\Roaming\Mozilla\Firefox\Profiles\jobmmbva.default\extensions\
0ZUj82g@m7.edu
E2@ESvHgm4i4.edu
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B8618C9-2314-421F-84E3-A976823D8AD3}]
bestadblocker - C:\Program Files (x86)\bestadblocker\xvpksXkN2R3wKK.x64.dll [2015-05-26 883712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-16 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9DA8BEE9-108D-48D0-BDA4-7D54BE49219D}]
PriceMinus - C:\Program Files (x86)\PriceMinus\Q67ALbYXGHX90W.x64.dll [2015-05-26 883712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19 433944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-16 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19 364824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-03 13651672]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2014-05-19 3100440]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-01 2685072]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-05-01 1570672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-04-28 25700400]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-26 5515496]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-06-07 421160]
C:\Users\Vasek Odvarka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-25 66328]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-27 14:38:21 ----D---- C:\rsit
2015-05-27 14:38:21 ----D---- C:\Program Files\trend micro
2015-05-27 14:25:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-27 14:25:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-26 14:13:17 ----D---- C:\Program Files\BcadTools
2015-05-26 13:25:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-05-26 13:25:28 ----A---- C:\WINDOWS\avastSS.scr
2015-05-26 13:24:28 ----D---- C:\Program Files (x86)\bestadblocker
2015-05-26 13:24:20 ----D---- C:\Program Files (x86)\PriceMinus
2015-05-26 13:24:13 ----D---- C:\ProgramData\15263943396392598875
2015-05-26 13:24:13 ----D---- C:\Program Files (x86)\ProiceMinus
2015-05-21 10:12:43 ----D---- C:\WINDOWS\Migration
2015-05-14 01:56:09 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:56:08 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:46:56 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-14 01:46:54 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-14 01:46:51 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-14 01:46:51 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-14 01:46:10 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-14 01:46:10 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-14 01:46:08 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-14 01:46:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-14 01:46:07 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-14 01:46:07 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-14 01:46:07 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-14 01:45:52 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-14 01:45:52 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-14 01:45:52 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-14 01:45:52 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-14 01:45:51 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-14 01:45:51 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-14 01:45:50 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-14 01:45:50 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-14 01:45:50 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-14 01:45:50 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-14 01:45:49 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-14 01:45:49 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-14 01:45:48 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-14 01:45:47 ----A---- C:\WINDOWS\system32\services.exe
2015-05-14 01:45:46 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-14 01:45:45 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-05-14 01:45:45 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-05-14 01:45:42 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-14 01:45:40 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-14 01:45:40 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-14 01:45:36 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-14 01:45:36 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-14 01:45:36 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-14 01:45:36 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-14 01:45:36 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-14 01:45:36 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-14 01:45:35 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-14 01:45:35 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-14 01:45:34 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-14 01:45:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-07 15:25:57 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2015-05-06 15:15:16 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2015-05-06 15:15:16 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2015-05-06 15:15:04 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2015-05-06 15:15:04 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2015-05-06 15:14:54 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2015-05-06 15:14:54 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2015-05-06 15:14:31 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2015-05-06 15:14:31 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2015-05-06 15:14:31 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2015-05-06 15:14:31 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2015-05-06 15:12:19 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2015-05-06 15:12:19 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2015-05-06 15:12:19 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
======List of files/folders modified in the last 1 month======
2015-05-27 14:38:25 ----D---- C:\WINDOWS\Prefetch
2015-05-27 14:38:21 ----RD---- C:\Program Files
2015-05-27 14:33:21 ----SHD---- C:\System Volume Information
2015-05-27 14:25:36 ----RD---- C:\Program Files (x86)
2015-05-27 14:18:06 ----D---- C:\WINDOWS\Temp
2015-05-27 14:11:07 ----RD---- C:\WINDOWS\System32
2015-05-27 14:11:07 ----D---- C:\WINDOWS\Inf
2015-05-27 14:11:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-27 14:05:22 ----D---- C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox
2015-05-27 14:04:23 ----D---- C:\ProgramData\NVIDIA
2015-05-27 13:24:28 ----HD---- C:\ProgramData
2015-05-27 13:23:02 ----D---- C:\WINDOWS\Tasks
2015-05-27 13:23:02 ----D---- C:\WINDOWS\system32\Tasks
2015-05-27 13:00:00 ----D---- C:\WINDOWS\system32\sru
2015-05-27 12:27:05 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-26 13:27:12 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-26 13:26:52 ----D---- C:\WINDOWS\system32\drivers
2015-05-26 13:25:29 ----D---- C:\Windows
2015-05-26 10:51:12 ----D---- C:\Users\Vasek Odvarka\AppData\Roaming\Autodesk
2015-05-26 10:51:12 ----D---- C:\ProgramData\Autodesk
2015-05-25 09:39:46 ----D---- C:\WINDOWS\system32\config
2015-05-21 10:45:45 ----D---- C:\WINDOWS\WinSxS
2015-05-21 10:12:49 ----D---- C:\WINDOWS\CbsTemp
2015-05-21 10:12:43 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-21 10:12:43 ----SD---- C:\WINDOWS\system32\GWX
2015-05-19 11:27:12 ----D---- C:\WINDOWS\AppReadiness
2015-05-18 14:13:16 ----D---- C:\WINDOWS\rescache
2015-05-18 11:12:58 ----RD---- C:\WINDOWS\assembly
2015-05-15 15:33:00 ----SHD---- C:\WINDOWS\Installer
2015-05-15 14:59:38 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-15 14:59:32 ----D---- C:\WINDOWS\SysWOW64
2015-05-15 14:56:42 ----D---- C:\Program Files\Internet Explorer
2015-05-15 14:54:42 ----RSD---- C:\WINDOWS\Fonts
2015-05-15 14:54:42 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-15 14:54:42 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-15 10:06:39 ----HD---- C:\Program Files\WindowsApps
2015-05-14 01:56:02 ----D---- C:\WINDOWS\system32\MRT
2015-05-14 01:54:19 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-14 01:54:02 ----D---- C:\WINDOWS\apppatch
2015-05-14 01:53:34 ----D---- C:\Program Files\Windows Journal
2015-05-14 01:45:05 ----D---- C:\WINDOWS\system32\catroot2
2015-05-06 15:16:26 ----D---- C:\ProgramData\NVIDIA Corporation
2015-05-06 15:14:31 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-06 15:14:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-05-06 15:12:56 ----RD---- C:\Users
2015-05-05 19:59:54 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-05-26 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-05-26 272248]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-05-26 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-05-26 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-05-26 442264]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-05-26 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-05-26 89944]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-05-26 137288]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-05-26 273824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-03 4753336]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-09-10 3640024]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-09-19 27000]
R3 LEqdUsb;@oem27.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys [2014-03-19 77592]
R3 LHidEqd;@oem28.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys [2014-03-19 13080]
R3 LHidFilt;@oem33.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2014-03-19 76568]
R3 LMouFilt;@oem33.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2014-03-19 59160]
R3 MEIx64;@oem15.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;@oem4.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-02-20 195728]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-02-20 10284872]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-01 19600]
R3 nvvad_WaveExtensible;@oem43.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
S1 UsbCharger;UsbCharger; C:\WINDOWS\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-09-19 38264]
S3 USBAAPL64;@oem35.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-26 343336]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2014-09-25 123904]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-01 1152656]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-03 329104]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-03-12 86016]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-01 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-01 22997648]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-02-05 935056]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-05 410952]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-05-26 4034896]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 934176]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-03 279952]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-03-03 1484080]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-03-09 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03 116648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2014-03-25 357144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-14 148080]
-----------------EOF-----------------
Odkaz na vlákno zde: http://forum.viry.cz/viewtopic.php?f=13&t=132286
text LOG souboru zde:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vasek Odvarka at 2015-05-27 14:39:28
Microsoft Windows 8.1
System drive C: has 67 GB (58%) free of 114 GB
Total RAM: 8079 MB (73% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:39:29, on 27. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\FreeCommander\FreeCommander.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Vasek Odvarka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hppp&ts=1 ... SBF319779T
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - Startup: Dropbox.lnk = C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DraftSight API Service - Dassault Systemes - C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit (mi-raysat_3dsmax2010_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9989 bytes
======Listing Processes======
wininit.exe
C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe" C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 724852b6-dc25-40e5-b2a2-9d6e7017536d 1
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
ngservice.exe pipeserver
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-9d535689-9144-4dec-b6f6-375bf5868dda -SystemEventPortName:HostProcess-05215aa4-913f-4ed2-b988-2f156d924c85 -IoCancelEventPortName:HostProcess-404f7497-15c6-4dfc-aa91-23f17d9ebab0 -NonStateChangingEventPortName:HostProcess-95e43148-e9da-4c12-bcd3-f40a1f773f22 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:481ae476-d44a-4f91-8055-ae2111bf502e -DeviceGroupId:WpdFsGroup
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
taskeng.exe {580BF1D2-404A-43BA-AC72-6F682B1CB71D}
taskhostex.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
\??\C:\WINDOWS\system32\conhost.exe 0x4
igfxEM.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
KHALMNPR.EXE /API
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\FreeCommander\FreeCommander.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\WINDOWS\system32\NOTEPAD.EXE" C:\rsit\info.txt
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Vasek Odvarka\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Vasek Odvarka\AppData\Roaming\Mozilla\Firefox\Profiles\jobmmbva.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
C:\Users\Vasek Odvarka\AppData\Roaming\Mozilla\Firefox\Profiles\jobmmbva.default\extensions\
0ZUj82g@m7.edu
E2@ESvHgm4i4.edu
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B8618C9-2314-421F-84E3-A976823D8AD3}]
bestadblocker - C:\Program Files (x86)\bestadblocker\xvpksXkN2R3wKK.x64.dll [2015-05-26 883712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-16 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9DA8BEE9-108D-48D0-BDA4-7D54BE49219D}]
PriceMinus - C:\Program Files (x86)\PriceMinus\Q67ALbYXGHX90W.x64.dll [2015-05-26 883712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19 433944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-16 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19 364824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nvtmru"=C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-09-03 13651672]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2014-05-19 3100440]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-01 2685072]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-05-01 1570672]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2015-04-28 25700400]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-26 5515496]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-06-07 421160]
C:\Users\Vasek Odvarka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2014-03-25 66328]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-27 14:38:21 ----D---- C:\rsit
2015-05-27 14:38:21 ----D---- C:\Program Files\trend micro
2015-05-27 14:25:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-27 14:25:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-26 14:13:17 ----D---- C:\Program Files\BcadTools
2015-05-26 13:25:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-05-26 13:25:28 ----A---- C:\WINDOWS\avastSS.scr
2015-05-26 13:24:28 ----D---- C:\Program Files (x86)\bestadblocker
2015-05-26 13:24:20 ----D---- C:\Program Files (x86)\PriceMinus
2015-05-26 13:24:13 ----D---- C:\ProgramData\15263943396392598875
2015-05-26 13:24:13 ----D---- C:\Program Files (x86)\ProiceMinus
2015-05-21 10:12:43 ----D---- C:\WINDOWS\Migration
2015-05-14 01:56:09 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:56:08 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:46:56 ----AC---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-05-14 01:46:54 ----AC---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-05-14 01:46:51 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-05-14 01:46:51 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-05-14 01:46:10 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2015-05-14 01:46:10 ----A---- C:\WINDOWS\system32\schannel.dll
2015-05-14 01:46:08 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2015-05-14 01:46:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-14 01:46:07 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-14 01:46:07 ----A---- C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-14 01:46:07 ----A---- C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-14 01:45:52 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2015-05-14 01:45:52 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2015-05-14 01:45:52 ----A---- C:\WINDOWS\system32\dbghelp.dll
2015-05-14 01:45:52 ----A---- C:\WINDOWS\system32\dbgeng.dll
2015-05-14 01:45:51 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll
2015-05-14 01:45:51 ----A---- C:\WINDOWS\system32\SRH.dll
2015-05-14 01:45:50 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-05-14 01:45:50 ----A---- C:\WINDOWS\system32\win32k.sys
2015-05-14 01:45:50 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-05-14 01:45:50 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-05-14 01:45:49 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2015-05-14 01:45:49 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-14 01:45:48 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2015-05-14 01:45:47 ----A---- C:\WINDOWS\system32\services.exe
2015-05-14 01:45:46 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2015-05-14 01:45:45 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-05-14 01:45:45 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-05-14 01:45:42 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2015-05-14 01:45:40 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2015-05-14 01:45:40 ----A---- C:\WINDOWS\system32\sdbinst.exe
2015-05-14 01:45:36 ----AC---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-05-14 01:45:36 ----AC---- C:\WINDOWS\system32\drivers\dumpsd.sys
2015-05-14 01:45:36 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-05-14 01:45:36 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-05-14 01:45:36 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-05-14 01:45:36 ----A---- C:\WINDOWS\system32\certcli.dll
2015-05-14 01:45:35 ----A---- C:\WINDOWS\SYSWOW64\wpdshext.dll
2015-05-14 01:45:35 ----A---- C:\WINDOWS\system32\wpdshext.dll
2015-05-14 01:45:34 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-05-14 01:45:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\wininet.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-05-14 01:45:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\jscript.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\inseng.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\ieui.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-05-14 01:45:32 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-05-07 15:25:57 ----D---- C:\Program Files (x86)\Microsoft ASP.NET
2015-05-06 15:15:16 ----A---- C:\WINDOWS\SYSWOW64\d3dx11_43.dll
2015-05-06 15:15:16 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2015-05-06 15:15:04 ----A---- C:\WINDOWS\SYSWOW64\d3dx10_43.dll
2015-05-06 15:15:04 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2015-05-06 15:14:54 ----A---- C:\WINDOWS\SYSWOW64\D3DX9_43.dll
2015-05-06 15:14:54 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2015-05-06 15:14:31 ----A---- C:\WINDOWS\SYSWOW64\nvspcap.dll
2015-05-06 15:14:31 ----A---- C:\WINDOWS\SYSWOW64\nvspbridge.dll
2015-05-06 15:14:31 ----A---- C:\WINDOWS\system32\nvspcap64.dll
2015-05-06 15:14:31 ----A---- C:\WINDOWS\system32\nvspbridge64.dll
2015-05-06 15:12:19 ----A---- C:\WINDOWS\SYSWOW64\nvaudcap32v.dll
2015-05-06 15:12:19 ----A---- C:\WINDOWS\system32\nvaudcap64v.dll
2015-05-06 15:12:19 ----A---- C:\WINDOWS\system32\drivers\nvvad64v.sys
======List of files/folders modified in the last 1 month======
2015-05-27 14:38:25 ----D---- C:\WINDOWS\Prefetch
2015-05-27 14:38:21 ----RD---- C:\Program Files
2015-05-27 14:33:21 ----SHD---- C:\System Volume Information
2015-05-27 14:25:36 ----RD---- C:\Program Files (x86)
2015-05-27 14:18:06 ----D---- C:\WINDOWS\Temp
2015-05-27 14:11:07 ----RD---- C:\WINDOWS\System32
2015-05-27 14:11:07 ----D---- C:\WINDOWS\Inf
2015-05-27 14:11:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-27 14:05:22 ----D---- C:\Users\Vasek Odvarka\AppData\Roaming\Dropbox
2015-05-27 14:04:23 ----D---- C:\ProgramData\NVIDIA
2015-05-27 13:24:28 ----HD---- C:\ProgramData
2015-05-27 13:23:02 ----D---- C:\WINDOWS\Tasks
2015-05-27 13:23:02 ----D---- C:\WINDOWS\system32\Tasks
2015-05-27 13:00:00 ----D---- C:\WINDOWS\system32\sru
2015-05-27 12:27:05 ----D---- C:\WINDOWS\Microsoft.NET
2015-05-26 13:27:12 ----D---- C:\WINDOWS\system32\DriverStore
2015-05-26 13:26:52 ----D---- C:\WINDOWS\system32\drivers
2015-05-26 13:25:29 ----D---- C:\Windows
2015-05-26 10:51:12 ----D---- C:\Users\Vasek Odvarka\AppData\Roaming\Autodesk
2015-05-26 10:51:12 ----D---- C:\ProgramData\Autodesk
2015-05-25 09:39:46 ----D---- C:\WINDOWS\system32\config
2015-05-21 10:45:45 ----D---- C:\WINDOWS\WinSxS
2015-05-21 10:12:49 ----D---- C:\WINDOWS\CbsTemp
2015-05-21 10:12:43 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-21 10:12:43 ----SD---- C:\WINDOWS\system32\GWX
2015-05-19 11:27:12 ----D---- C:\WINDOWS\AppReadiness
2015-05-18 14:13:16 ----D---- C:\WINDOWS\rescache
2015-05-18 11:12:58 ----RD---- C:\WINDOWS\assembly
2015-05-15 15:33:00 ----SHD---- C:\WINDOWS\Installer
2015-05-15 14:59:38 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-15 14:59:32 ----D---- C:\WINDOWS\SysWOW64
2015-05-15 14:56:42 ----D---- C:\Program Files\Internet Explorer
2015-05-15 14:54:42 ----RSD---- C:\WINDOWS\Fonts
2015-05-15 14:54:42 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-05-15 14:54:42 ----D---- C:\WINDOWS\system32\AdvancedInstallers
2015-05-15 10:06:39 ----HD---- C:\Program Files\WindowsApps
2015-05-14 01:56:02 ----D---- C:\WINDOWS\system32\MRT
2015-05-14 01:54:19 ----A---- C:\WINDOWS\system32\MRT.exe
2015-05-14 01:54:02 ----D---- C:\WINDOWS\apppatch
2015-05-14 01:53:34 ----D---- C:\Program Files\Windows Journal
2015-05-14 01:45:05 ----D---- C:\WINDOWS\system32\catroot2
2015-05-06 15:16:26 ----D---- C:\ProgramData\NVIDIA Corporation
2015-05-06 15:14:31 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-06 15:14:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-05-06 15:12:56 ----RD---- C:\Users
2015-05-05 19:59:54 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-05-26 65736]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-05-26 272248]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2013-02-19 21584]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-05-26 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-05-26 1047320]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-05-26 442264]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-05-26 29168]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-05-26 89944]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-05-26 137288]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-05-26 273824]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-03 4753336]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-09-10 3640024]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-09-19 27000]
R3 LEqdUsb;@oem27.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF USB Filter; C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys [2014-03-19 77592]
R3 LHidEqd;@oem28.inf,%FltDisplayName%;Logitech SetPoint Unifying KMDF HID Filter; C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys [2014-03-19 13080]
R3 LHidFilt;@oem33.inf,%LHidFilt.SvcDesc%;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2014-03-19 76568]
R3 LMouFilt;@oem33.inf,%LMouFilt.SvcDesc%;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2014-03-19 59160]
R3 MEIx64;@oem15.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;@oem4.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-02-20 195728]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-02-20 10284872]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-01 19600]
R3 nvvad_WaveExtensible;@oem43.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
S1 UsbCharger;UsbCharger; C:\WINDOWS\system32\DRIVERS\UsbCharger.sys [2013-05-06 21584]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-09-19 38264]
S3 USBAAPL64;@oem35.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\System32\drivers\usbscan.sys [2014-10-29 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-26 343336]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2014-09-25 123904]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-01 1152656]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-03 329104]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-03-12 86016]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-01 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-01 22997648]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-02-05 935056]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-05 410952]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-05-26 4034896]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 934176]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-03 279952]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-03-03 1484080]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-03-09 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03 116648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2014-03-25 357144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-14 148080]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119677
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: URL:Mal
Vlákno odemknuto, pokračujte v něm. Zde zamykám.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?