
PC virus removal, computer speed-up, remote help via the neslape.cz service
Long delay in program responses
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
after programs are launched they become unresponsive for up to several tens of seconds (program not responding).
This also happens with, for example, Word or Firefox.
Please check the log.
Thank you.
===========================
Logfile of random's system information tool 1.10 (written by random/random)
Run by lst at 2015-07-10 08:58:11
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 2 GB (3%) free of 64 GB
Total RAM: 3966 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:58:41, on 10.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Online Armor\oaui.exe
C:\Program Files (x86)\Online Armor\OAhlp.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Apps\Volume 2 Portable\Volume2.exe
C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Apps\Skype\Phone\Skype.exe
C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Apps\4t Tray Minimizer\4t-min.exe
C:\Program Files\Avast\avastui.exe
C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Apps\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Apps\Crystal Disk Info Portable\DiskInfo.exe
C:\Apps\Mozilla Firefox\firefox.exe
C:\Apps\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\lst.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: (no name) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKCU\..\Run: [DesktopOK] "C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
O4 - HKCU\..\Run: [Volume2] C:\Apps\Volume 2 Portable\Volume2.exe
O4 - HKCU\..\Run: [f.lux] "C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Ditto] C:\Apps\Ditto Portable\Ditto.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: 4t Tray Minimizer.lnk = C:\Apps\4t Tray Minimizer\4t-min.exe
O4 - Startup: Dropbox.lnk = lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Apps\Evernote\EvernoteClipper.exe
O4 - Startup: Rainmeter.lnk = C:\Apps\Rainmeter Portable\Rainmeter.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Clip bookmark - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Apps\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Oříznout tuto stránku - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Apps\AOMEI Backupper\ABService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Everything - Unknown owner - C:\Apps\Everything Portable\Everything.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files (x86)\Online Armor\OAcat.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Apps\Raxco Perfect Disk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Apps\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files (x86)\Online Armor\oasrv.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14287 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Online Armor\OAcat.exe"
"C:\Program Files (x86)\Online Armor\oasrv.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Apps\AOMEI Backupper\ABService.exe"
"C:\Program Files (x86)\Online Armor\oaui.exe"
"C:\Program Files (x86)\Online Armor\OAhlp.exe"
"C:\Apps\Networx\networx.exe" /auto
"C:\Windows\System32\TiltWheelMouse.exe"
taskeng.exe {F2E6779B-D36B-405C-9D36-66E65710E6E6}
"C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Apps\Everything Portable\Everything.exe" -svc
"C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
"C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Apps\Volume 2 Portable\Volume2.exe"
"C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Windows\system32\GWX\GWX.exe"
"C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Apps\Ditto Portable\Ditto.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Apps\4t Tray Minimizer\4t-min.exe" -tray
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Apps\4t Tray Minimizer\4t-min64.exe" "C:\Apps\4t Tray Minimizer\ShellEh604x64.dll"
\??\C:\Windows\system32\conhost.exe "-1050646457636234126-20608040536810580691624178031368294995-6996681511245938180
"C:\Program Files\Avast\avastui.exe" /nogui
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe"
"C:\Apps\Raxco Perfect Disk\PDAgent.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" da21a3cc-d51f-491d-a39e-5a3ff5e450da 1
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe"
\??\C:\Windows\system32\conhost.exe "-8766415051342238320-23094804754684310-17095744816178522771966270708-963068196
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-7537496-653805879-751160537-1833807462-1343047711-407577968-2059185351-198896991
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Apps\Evernote\EvernoteClipper.exe"
"C:\Apps\Rainmeter Portable\Rainmeter.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Apps\Crystal Disk Info Portable\DiskInfo.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-167f68d6-88fe-47be-aaa9-58b0eb87a5d3 -SystemEventPortName:HostProcess-4e82d378-6990-4afd-be20-6aae6c32f6b8 -IoCancelEventPortName:HostProcess-8dd6134e-a13e-4cb3-b4e9-f20f83007cd7 -NonStateChangingEventPortName:HostProcess-7f5038bf-eac9-461e-9da6-32779ef1f2ad -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a451b6ae-b50b-4dd6-a596-6790465daa9c -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Apps\Raxco Perfect Disk\PDAgentS1.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
"C:\Apps\Everything Portable\Everything.exe" -startup
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Apps\Mozilla Firefox\firefox.exe"
"C:\Apps\Mozilla Firefox\plugin-container.exe" --channel="6740.0.1381873262\1571420282" -greomni "C:\Apps\Mozilla Firefox\omni.ja" -appomni "C:\Apps\Mozilla Firefox\browser\omni.ja" -appdir "C:\Apps\Mozilla Firefox\browser" 6740 "\\.\pipe\gecko-crash-server-pipe.6740" tab
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
consent.exe 624 388 00000000035E68E0
"C:\Users\lst\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000Core.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000UA.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\extensions\
cs2@dictionaries.addons.mozilla.org
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
faviconrestorer@masserog.it
zoteroWinWordIntegration@zotero.org
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\
boardgamegeek.xml
dictionary.xml
gog.xml
google-scholar.xml
google-translate-ru-en.xml
imdb.xml
metacritic---games.xml
releaselog.xml
sfdcz.xml
titulkycom.xml
uloto-vpis-pod-sebou.xml
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"@OnlineArmor GUI"=C:\Program Files (x86)\Online Armor\oaui.exe [2013-10-11 7558464]
"NetWorx"=C:\Apps\Networx\networx.exe [2015-05-17 6611648]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DesktopOK"=C:\Apps\Desktop OK\DesktopOK_x64.exe [2014-01-15 417280]
"Volume2"=C:\Apps\Volume 2 Portable\Volume2.exe [2013-02-10 4710912]
"f.lux"=C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Skype"=C:\Apps\Skype\Phone\Skype.exe [2015-06-02 28782208]
"Dropbox Update"=C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]
"Ditto"=C:\Apps\Ditto Portable\Ditto.exe [2012-11-08 1717872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2015-05-11 5515496]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-06-26 480768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
4t Tray Minimizer.lnk - C:\Apps\4t Tray Minimizer\4t-min.exe
Dropbox.lnk - C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Apps\Evernote\EvernoteClipper.exe
Rainmeter.lnk - C:\Apps\Rainmeter Portable\Rainmeter.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Apps\Process Hacker Portable\ProcessHacker.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-10 08:58:11 ----D---- C:\rsit
2015-07-10 08:58:11 ----D---- C:\Program Files\trend micro
2015-07-07 21:40:51 ----A---- C:\Windows\system32\invagent.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\generaltel.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\appraiser.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\aeinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\devinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-07 21:40:50 ----A---- C:\Windows\system32\aepdu.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\acmigration.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups2.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wucltux.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-07 09:42:42 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-07 09:36:50 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-07 09:31:47 ----D---- C:\NVIDIA
2015-07-01 05:55:27 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-07-01 05:55:27 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\crypt32.dll
2015-06-17 16:29:19 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-17 12:26:21 ----D---- C:\ProgramData\Dropbox
======List of files/folders modified in the last 1 month======
2015-07-10 08:58:23 ----D---- C:\Windows\Prefetch
2015-07-10 08:58:14 ----D---- C:\Windows\Temp
2015-07-10 08:58:11 ----D---- C:\Program Files
2015-07-10 08:57:58 ----D---- C:\Users\lst\AppData\Roaming\Skype
2015-07-10 08:39:52 ----RD---- C:\Dropbox
2015-07-10 08:39:38 ----D---- C:\Windows\system32\config
2015-07-10 08:39:31 ----D---- C:\Users\lst\AppData\Roaming\Dropbox
2015-07-10 08:35:52 ----D---- C:\ProgramData\NVIDIA
2015-07-10 01:28:20 ----AD---- C:\ProgramData\TEMP
2015-07-09 17:00:35 ----D---- C:\TEMP
2015-07-09 15:58:22 ----D---- C:\__
2015-07-09 12:51:09 ----D---- C:\Windows\System32
2015-07-09 12:51:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-09 12:51:08 ----D---- C:\Windows\inf
2015-07-09 12:50:54 ----SHD---- C:\Windows\Installer
2015-07-09 11:31:18 ----D---- C:\Windows\SysWOW64
2015-07-09 11:31:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-08 19:30:20 ----D---- C:\Windows\system32\drivers
2015-07-08 19:30:19 ----D---- C:\Windows\system32\DriverStore
2015-07-08 15:40:01 ----D---- C:\ProgramData\Microsoft Help
2015-07-08 15:39:21 ----D---- C:\Windows\SoftwareDistribution
2015-07-08 08:51:04 ----D---- C:\Windows
2015-07-08 08:03:26 ----D---- C:\Windows\winsxs
2015-07-08 00:06:37 ----SD---- C:\Windows\system32\CompatTel
2015-07-08 00:06:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\wbem
2015-07-08 00:06:37 ----D---- C:\Windows\system32\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\appraiser
2015-07-08 00:06:37 ----D---- C:\Windows\AppPatch
2015-07-07 21:43:20 ----D---- C:\Apps
2015-07-07 09:58:10 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-07 09:41:32 ----D---- C:\Users\lst\AppData\Roaming\GameSave Manager 3
2015-07-07 09:39:21 ----D---- C:\Windows\system32\catroot2
2015-07-07 09:37:10 ----D---- C:\ProgramData\boost_interprocess
2015-07-02 13:11:13 ----D---- C:\Windows\system32\NDF
2015-06-28 10:30:41 ----RD---- C:\APPS - PORTABLE
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\uTorrent
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\DAEMON Tools Lite
2015-06-28 09:10:23 ----D---- C:\Windows\debug
2015-06-24 13:36:43 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-24 13:36:42 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-24 13:36:31 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36:30 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-06-23 13:30:20 ----N---- C:\Windows\system32\MpSigStub.exe
2015-06-19 09:18:11 ----D---- C:\Program Files\Avast
2015-06-17 12:26:24 ----D---- C:\Windows\Tasks
2015-06-17 12:26:24 ----D---- C:\Windows\system32\Tasks
2015-06-17 12:26:21 ----HD---- C:\ProgramData
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-15 11:39:47 ----D---- C:\ProgramData\Package Cache
2015-06-13 09:14:05 ----D---- C:\ProgramData\Skype
2015-06-11 18:28:59 ----SD---- C:\Users\lst\AppData\Roaming\Microsoft
2015-06-11 01:39:43 ----D---- C:\Windows\PolicyDefinitions
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-28 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-28 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-11 381440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-28 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-28 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 283064]
R1 OADevice;OADriver; \??\C:\Windows\SysWow64\Drivers\OADriver.sys [2013-10-11 64720]
R1 oahlpXX;Online Armor helper driver; \??\C:\Windows\syswow64\drivers\oahlp64.sys [2013-10-11 62008]
R1 OAmon;OAmon; \??\C:\Windows\SysWOW64\Drivers\OAmon.sys [2013-10-11 52360]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-28 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-28 89944]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 e1kexpress;Intel(R) Network Connections Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2013-07-18 497424]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-04-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 OAnet;OnlineArmor Service; C:\Windows\system32\DRIVERS\oanet.sys [2013-10-11 35368]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2014-11-28 18456]
R3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.sys []
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-28 137288]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-04-24 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2015-04-28 343336]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Apps\AOMEI Backupper\ABService.exe [2014-04-08 29912]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Everything;Everything; C:\Apps\Everything Portable\Everything.exe [2014-08-06 1441792]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 OAcat;Online Armor Helper Service; C:\Program Files (x86)\Online Armor\OAcat.exe [2013-10-11 584864]
R2 PDAgent;PDAgent; C:\Apps\Raxco Perfect Disk\PDAgent.exe [2012-10-04 1976696]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-17 410768]
R2 SvcOnlineArmor;Online Armor; C:\Program Files (x86)\Online Armor\oasrv.exe [2013-10-11 4457688]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-06-26 119296]
R3 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
S2 SkypeUpdate;Skype Updater; C:\Apps\Skype\Updater\Updater.exe [2015-02-18 315488]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Online Armor\OAcat.exe"
"C:\Program Files (x86)\Online Armor\oasrv.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Apps\AOMEI Backupper\ABService.exe"
"C:\Program Files (x86)\Online Armor\oaui.exe"
"C:\Program Files (x86)\Online Armor\OAhlp.exe"
"C:\Apps\Networx\networx.exe" /auto
"C:\Windows\System32\TiltWheelMouse.exe"
taskeng.exe {F2E6779B-D36B-405C-9D36-66E65710E6E6}
"C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Apps\Everything Portable\Everything.exe" -svc
"C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
"C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Apps\Volume 2 Portable\Volume2.exe"
"C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Windows\system32\GWX\GWX.exe"
"C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Apps\Ditto Portable\Ditto.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Apps\4t Tray Minimizer\4t-min.exe" -tray
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Apps\4t Tray Minimizer\4t-min64.exe" "C:\Apps\4t Tray Minimizer\ShellEh604x64.dll"
\??\C:\Windows\system32\conhost.exe "-1050646457636234126-20608040536810580691624178031368294995-6996681511245938180
"C:\Program Files\Avast\avastui.exe" /nogui
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe"
"C:\Apps\Raxco Perfect Disk\PDAgent.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" da21a3cc-d51f-491d-a39e-5a3ff5e450da 1
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe"
\??\C:\Windows\system32\conhost.exe "-8766415051342238320-23094804754684310-17095744816178522771966270708-963068196
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-7537496-653805879-751160537-1833807462-1343047711-407577968-2059185351-198896991
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Apps\Evernote\EvernoteClipper.exe"
"C:\Apps\Rainmeter Portable\Rainmeter.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Apps\Crystal Disk Info Portable\DiskInfo.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-167f68d6-88fe-47be-aaa9-58b0eb87a5d3 -SystemEventPortName:HostProcess-4e82d378-6990-4afd-be20-6aae6c32f6b8 -IoCancelEventPortName:HostProcess-8dd6134e-a13e-4cb3-b4e9-f20f83007cd7 -NonStateChangingEventPortName:HostProcess-7f5038bf-eac9-461e-9da6-32779ef1f2ad -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a451b6ae-b50b-4dd6-a596-6790465daa9c -DeviceGroupId:WpdFsGroup
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Apps\Raxco Perfect Disk\PDAgentS1.exe"
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\servicing\TrustedInstaller.exe
"C:\Apps\Everything Portable\Everything.exe" -startup
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Apps\Mozilla Firefox\firefox.exe"
"C:\Apps\Mozilla Firefox\plugin-container.exe" --channel="6740.0.1381873262\1571420282" -greomni "C:\Apps\Mozilla Firefox\omni.ja" -appomni "C:\Apps\Mozilla Firefox\browser\omni.ja" -appdir "C:\Apps\Mozilla Firefox\browser" 6740 "\\.\pipe\gecko-crash-server-pipe.6740" tab
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
consent.exe 624 388 00000000035E68E0
"C:\Users\lst\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000Core.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000UA.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\extensions\
cs2@dictionaries.addons.mozilla.org
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
faviconrestorer@masserog.it
zoteroWinWordIntegration@zotero.org
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\
boardgamegeek.xml
dictionary.xml
gog.xml
google-scholar.xml
google-translate-ru-en.xml
imdb.xml
metacritic---games.xml
releaselog.xml
sfdcz.xml
titulkycom.xml
uloto-vpis-pod-sebou.xml
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"@OnlineArmor GUI"=C:\Program Files (x86)\Online Armor\oaui.exe [2013-10-11 7558464]
"NetWorx"=C:\Apps\Networx\networx.exe [2015-05-17 6611648]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DesktopOK"=C:\Apps\Desktop OK\DesktopOK_x64.exe [2014-01-15 417280]
"Volume2"=C:\Apps\Volume 2 Portable\Volume2.exe [2013-02-10 4710912]
"f.lux"=C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Skype"=C:\Apps\Skype\Phone\Skype.exe [2015-06-02 28782208]
"Dropbox Update"=C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]
"Ditto"=C:\Apps\Ditto Portable\Ditto.exe [2012-11-08 1717872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2015-05-11 5515496]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-06-26 480768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
4t Tray Minimizer.lnk - C:\Apps\4t Tray Minimizer\4t-min.exe
Dropbox.lnk - C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Apps\Evernote\EvernoteClipper.exe
Rainmeter.lnk - C:\Apps\Rainmeter Portable\Rainmeter.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Apps\Process Hacker Portable\ProcessHacker.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-10 08:58:11 ----D---- C:\rsit
2015-07-10 08:58:11 ----D---- C:\Program Files\trend micro
2015-07-07 21:40:51 ----A---- C:\Windows\system32\invagent.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\generaltel.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\appraiser.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\aeinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\devinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-07 21:40:50 ----A---- C:\Windows\system32\aepdu.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\acmigration.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups2.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wucltux.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-07 09:42:42 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-07 09:36:50 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-07 09:31:47 ----D---- C:\NVIDIA
2015-07-01 05:55:27 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-07-01 05:55:27 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\crypt32.dll
2015-06-17 16:29:19 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-17 12:26:21 ----D---- C:\ProgramData\Dropbox
======List of files/folders modified in the last 1 month======
2015-07-10 08:58:23 ----D---- C:\Windows\Prefetch
2015-07-10 08:58:14 ----D---- C:\Windows\Temp
2015-07-10 08:58:11 ----D---- C:\Program Files
2015-07-10 08:57:58 ----D---- C:\Users\lst\AppData\Roaming\Skype
2015-07-10 08:39:52 ----RD---- C:\Dropbox
2015-07-10 08:39:38 ----D---- C:\Windows\system32\config
2015-07-10 08:39:31 ----D---- C:\Users\lst\AppData\Roaming\Dropbox
2015-07-10 08:35:52 ----D---- C:\ProgramData\NVIDIA
2015-07-10 01:28:20 ----AD---- C:\ProgramData\TEMP
2015-07-09 17:00:35 ----D---- C:\TEMP
2015-07-09 15:58:22 ----D---- C:\__
2015-07-09 12:51:09 ----D---- C:\Windows\System32
2015-07-09 12:51:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-09 12:51:08 ----D---- C:\Windows\inf
2015-07-09 12:50:54 ----SHD---- C:\Windows\Installer
2015-07-09 11:31:18 ----D---- C:\Windows\SysWOW64
2015-07-09 11:31:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-08 19:30:20 ----D---- C:\Windows\system32\drivers
2015-07-08 19:30:19 ----D---- C:\Windows\system32\DriverStore
2015-07-08 15:40:01 ----D---- C:\ProgramData\Microsoft Help
2015-07-08 15:39:21 ----D---- C:\Windows\SoftwareDistribution
2015-07-08 08:51:04 ----D---- C:\Windows
2015-07-08 08:03:26 ----D---- C:\Windows\winsxs
2015-07-08 00:06:37 ----SD---- C:\Windows\system32\CompatTel
2015-07-08 00:06:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\wbem
2015-07-08 00:06:37 ----D---- C:\Windows\system32\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\appraiser
2015-07-08 00:06:37 ----D---- C:\Windows\AppPatch
2015-07-07 21:43:20 ----D---- C:\Apps
2015-07-07 09:58:10 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-07 09:41:32 ----D---- C:\Users\lst\AppData\Roaming\GameSave Manager 3
2015-07-07 09:39:21 ----D---- C:\Windows\system32\catroot2
2015-07-07 09:37:10 ----D---- C:\ProgramData\boost_interprocess
2015-07-02 13:11:13 ----D---- C:\Windows\system32\NDF
2015-06-28 10:30:41 ----RD---- C:\APPS - PORTABLE
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\uTorrent
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\DAEMON Tools Lite
2015-06-28 09:10:23 ----D---- C:\Windows\debug
2015-06-24 13:36:43 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-24 13:36:42 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-24 13:36:31 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36:30 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-06-23 13:30:20 ----N---- C:\Windows\system32\MpSigStub.exe
2015-06-19 09:18:11 ----D---- C:\Program Files\Avast
2015-06-17 12:26:24 ----D---- C:\Windows\Tasks
2015-06-17 12:26:24 ----D---- C:\Windows\system32\Tasks
2015-06-17 12:26:21 ----HD---- C:\ProgramData
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-15 11:39:47 ----D---- C:\ProgramData\Package Cache
2015-06-13 09:14:05 ----D---- C:\ProgramData\Skype
2015-06-11 18:28:59 ----SD---- C:\Users\lst\AppData\Roaming\Microsoft
2015-06-11 01:39:43 ----D---- C:\Windows\PolicyDefinitions
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-28 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-28 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-11 381440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-28 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-28 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 283064]
R1 OADevice;OADriver; \??\C:\Windows\SysWow64\Drivers\OADriver.sys [2013-10-11 64720]
R1 oahlpXX;Online Armor helper driver; \??\C:\Windows\syswow64\drivers\oahlp64.sys [2013-10-11 62008]
R1 OAmon;OAmon; \??\C:\Windows\SysWOW64\Drivers\OAmon.sys [2013-10-11 52360]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-28 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-28 89944]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 e1kexpress;Intel(R) Network Connections Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2013-07-18 497424]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-04-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 OAnet;OnlineArmor Service; C:\Windows\system32\DRIVERS\oanet.sys [2013-10-11 35368]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2014-11-28 18456]
R3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.sys []
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-28 137288]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-04-24 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2015-04-28 343336]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Apps\AOMEI Backupper\ABService.exe [2014-04-08 29912]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Everything;Everything; C:\Apps\Everything Portable\Everything.exe [2014-08-06 1441792]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 OAcat;Online Armor Helper Service; C:\Program Files (x86)\Online Armor\OAcat.exe [2013-10-11 584864]
R2 PDAgent;PDAgent; C:\Apps\Raxco Perfect Disk\PDAgent.exe [2012-10-04 1976696]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-17 410768]
R2 SvcOnlineArmor;Online Armor; C:\Program Files (x86)\Online Armor\oasrv.exe [2013-10-11 4457688]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-06-26 119296]
R3 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
S2 SkypeUpdate;Skype Updater; C:\Apps\Skype\Updater\Updater.exe [2015-02-18 315488]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Win10 Pro = Avast Free = Comodo Firewall Free
- Rudy
- Site Admin
- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Long delays in program responses
Hello!
Little free disk space. Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: Long delays in program responses
Damn, that really hadn't occurred to me.
Once we've sorted this out, I'll free up some space on the system drive.
Done, log below.
# AdwCleaner v4.208 - Log vytvořen 10/07/2015 v 22:54:45
# Aktualizováno 09/07/2015 by Xplode
# Databáze : 2015-07-10.1 [Server]
# Operační system : Windows 7 Professional Service Pack 1 (x64)
# Uživatelské jméno : lst - DESKTOP
# Spuštěno z : C:\Users\lst\Desktop\adwcleaner_4.208.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
Soubor Smazáno : C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\Extensions\zotbiblioswitchlocal@somwhere.org.xpi
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v27.0 (cs)
-\\ Google Chrome v43.0.2357.132
-\\ Chromium v
*************************
AdwCleaner[R1].txt - [1082 bytů] - [10/07/2015 22:46:03]
AdwCleaner[S1].txt - [1006 bytů] - [10/07/2015 22:54:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1064 bytů] ##########
- Rudy
- Site Admin
Re: Long delays in program responses
Post a new RSIT log.
Re: Long delays in program responses
Here is the log.
Logfile of random's system information tool 1.10 (written by random/random)
Run by lst at 2015-07-11 12:39:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 3 GB (4%) free of 64 GB
Total RAM: 3966 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:39:13, on 11.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Online Armor\oaui.exe
C:\Program Files (x86)\Online Armor\OAhlp.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Apps\Volume 2 Portable\Volume2.exe
C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Apps\Skype\Phone\Skype.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Apps\4t Tray Minimizer\4t-min.exe
C:\Program Files\Avast\avastui.exe
C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Apps\Crystal Disk Info Portable\DiskInfo.exe
C:\Apps\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\trend micro\lst.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: (no name) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKCU\..\Run: [DesktopOK] "C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
O4 - HKCU\..\Run: [Volume2] C:\Apps\Volume 2 Portable\Volume2.exe
O4 - HKCU\..\Run: [f.lux] "C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Ditto] C:\Apps\Ditto Portable\Ditto.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: 4t Tray Minimizer.lnk = C:\Apps\4t Tray Minimizer\4t-min.exe
O4 - Startup: Dropbox.lnk = lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Apps\Evernote\EvernoteClipper.exe
O4 - Startup: Rainmeter.lnk = C:\Apps\Rainmeter Portable\Rainmeter.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Clip bookmark - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Apps\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Oříznout tuto stránku - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Apps\AOMEI Backupper\ABService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Everything - Unknown owner - C:\Apps\Everything Portable\Everything.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files (x86)\Online Armor\OAcat.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Apps\Raxco Perfect Disk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Apps\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files (x86)\Online Armor\oasrv.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14131 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Online Armor\OAcat.exe"
"C:\Program Files (x86)\Online Armor\oasrv.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Apps\AOMEI Backupper\ABService.exe"
"C:\Program Files (x86)\Online Armor\oaui.exe"
"C:\Program Files (x86)\Online Armor\OAhlp.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Apps\Everything Portable\Everything.exe" -svc
"C:\Apps\Networx\networx.exe" /auto
taskeng.exe {49FD3724-83DB-4F26-A4EA-8C28C2293C31}
"C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
"C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe"
"C:\Apps\Volume 2 Portable\Volume2.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Apps\Ditto Portable\Ditto.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Apps\4t Tray Minimizer\4t-min.exe" -tray
"C:\Apps\Raxco Perfect Disk\PDAgent.exe"
"C:\Apps\4t Tray Minimizer\4t-min64.exe" "C:\Apps\4t Tray Minimizer\ShellEh604x64.dll"
\??\C:\Windows\system32\conhost.exe "1231635944-8192705357937341001624314557-1513380486-614822644142147257-1888987934
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" da21a3cc-d51f-491d-a39e-5a3ff5e450da 1
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe"
"C:\Program Files\Avast\avastui.exe" /nogui
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "310265853-2043954354-14630108031193771728-1241679953260140702927762298-599783965
\??\C:\Windows\system32\conhost.exe "-119234417098600135492011357646523858919502087-1268245549-1225215033491588772
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Apps\Crystal Disk Info Portable\DiskInfo.exe"
"C:\Apps\Evernote\EvernoteClipper.exe"
"C:\Apps\Rainmeter Portable\Rainmeter.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-df658427-acf3-4e7b-a24e-6915db522cde -SystemEventPortName:HostProcess-2ea2955e-b91f-42af-906a-4e54bc5968f9 -IoCancelEventPortName:HostProcess-8b596387-44fa-476b-88e6-197e0d712207 -NonStateChangingEventPortName:HostProcess-3de80b30-6be2-41d7-a3ee-ab32502f82e5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:55c638db-2aee-4c01-8700-14e287d78fef -DeviceGroupId:WpdFsGroup
"C:\Apps\Raxco Perfect Disk\PDAgentS1.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Apps\Everything Portable\Everything.exe" -startup
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\splwow64.exe 8192
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\lst\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000Core.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000UA.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\extensions\
cs2@dictionaries.addons.mozilla.org
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
faviconrestorer@masserog.it
zoteroWinWordIntegration@zotero.org
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\
boardgamegeek.xml
dictionary.xml
gog.xml
google-scholar.xml
google-translate-ru-en.xml
imdb.xml
metacritic---games.xml
releaselog.xml
sfdcz.xml
titulkycom.xml
uloto-vpis-pod-sebou.xml
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"@OnlineArmor GUI"=C:\Program Files (x86)\Online Armor\oaui.exe [2013-10-11 7558464]
"NetWorx"=C:\Apps\Networx\networx.exe [2015-05-17 6611648]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DesktopOK"=C:\Apps\Desktop OK\DesktopOK_x64.exe [2014-01-15 417280]
"Volume2"=C:\Apps\Volume 2 Portable\Volume2.exe [2013-02-10 4710912]
"f.lux"=C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Skype"=C:\Apps\Skype\Phone\Skype.exe [2015-06-02 28782208]
"Dropbox Update"=C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]
"Ditto"=C:\Apps\Ditto Portable\Ditto.exe [2012-11-08 1717872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2015-05-11 5515496]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-06-26 480768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
4t Tray Minimizer.lnk - C:\Apps\4t Tray Minimizer\4t-min.exe
Dropbox.lnk - C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Apps\Evernote\EvernoteClipper.exe
Rainmeter.lnk - C:\Apps\Rainmeter Portable\Rainmeter.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Apps\Process Hacker Portable\ProcessHacker.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-10 22:45:20 ----D---- C:\AdwCleaner
2015-07-10 08:58:11 ----D---- C:\rsit
2015-07-10 08:58:11 ----D---- C:\Program Files\trend micro
2015-07-07 21:40:51 ----A---- C:\Windows\system32\invagent.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\generaltel.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\appraiser.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\aeinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\devinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-07 21:40:50 ----A---- C:\Windows\system32\aepdu.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\acmigration.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups2.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wucltux.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-07 09:42:42 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-07 09:36:50 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-07 09:31:47 ----D---- C:\NVIDIA
2015-07-01 05:55:27 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-07-01 05:55:27 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\crypt32.dll
2015-06-17 16:29:19 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-17 12:26:21 ----D---- C:\ProgramData\Dropbox
======List of files/folders modified in the last 1 month======
2015-07-11 12:39:14 ----D---- C:\Windows\Temp
2015-07-11 12:39:00 ----AD---- C:\ProgramData\TEMP
2015-07-11 12:38:24 ----D---- C:\Users\lst\AppData\Roaming\Skype
2015-07-11 10:02:32 ----D---- C:\Windows\Prefetch
2015-07-11 08:17:55 ----D---- C:\Windows\system32\config
2015-07-11 08:05:33 ----RD---- C:\Dropbox
2015-07-11 08:05:10 ----D---- C:\Users\lst\AppData\Roaming\Dropbox
2015-07-11 08:01:07 ----D---- C:\ProgramData\NVIDIA
2015-07-10 22:27:08 ----D---- C:\Users\lst\AppData\Roaming\GameSave Manager 3
2015-07-10 22:07:33 ----RD---- C:\APPS - PORTABLE
2015-07-10 11:12:47 ----D---- C:\Windows\winsxs
2015-07-10 08:58:11 ----D---- C:\Program Files
2015-07-09 17:00:35 ----D---- C:\TEMP
2015-07-09 15:58:22 ----D---- C:\__
2015-07-09 12:51:09 ----D---- C:\Windows\System32
2015-07-09 12:51:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-09 12:51:08 ----D---- C:\Windows\inf
2015-07-09 12:50:54 ----SHD---- C:\Windows\Installer
2015-07-09 11:31:18 ----D---- C:\Windows\SysWOW64
2015-07-09 11:31:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-08 19:30:20 ----D---- C:\Windows\system32\drivers
2015-07-08 19:30:19 ----D---- C:\Windows\system32\DriverStore
2015-07-08 15:40:01 ----D---- C:\ProgramData\Microsoft Help
2015-07-08 15:39:21 ----D---- C:\Windows\SoftwareDistribution
2015-07-08 08:51:04 ----D---- C:\Windows
2015-07-08 00:06:37 ----SD---- C:\Windows\system32\CompatTel
2015-07-08 00:06:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\wbem
2015-07-08 00:06:37 ----D---- C:\Windows\system32\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\appraiser
2015-07-08 00:06:37 ----D---- C:\Windows\AppPatch
2015-07-07 21:43:20 ----D---- C:\Apps
2015-07-07 09:58:10 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-07 09:39:21 ----D---- C:\Windows\system32\catroot2
2015-07-07 09:37:10 ----D---- C:\ProgramData\boost_interprocess
2015-07-02 13:11:13 ----D---- C:\Windows\system32\NDF
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\uTorrent
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\DAEMON Tools Lite
2015-06-28 09:10:23 ----D---- C:\Windows\debug
2015-06-24 13:36:43 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-24 13:36:42 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-24 13:36:31 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36:30 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-06-23 13:30:20 ----N---- C:\Windows\system32\MpSigStub.exe
2015-06-19 09:18:11 ----D---- C:\Program Files\Avast
2015-06-17 12:26:24 ----D---- C:\Windows\Tasks
2015-06-17 12:26:24 ----D---- C:\Windows\system32\Tasks
2015-06-17 12:26:21 ----HD---- C:\ProgramData
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-15 11:39:47 ----D---- C:\ProgramData\Package Cache
2015-06-13 09:14:05 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-28 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-28 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-11 381440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-28 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-28 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 283064]
R1 OADevice;OADriver; \??\C:\Windows\SysWow64\Drivers\OADriver.sys [2013-10-11 64720]
R1 oahlpXX;Online Armor helper driver; \??\C:\Windows\syswow64\drivers\oahlp64.sys [2013-10-11 62008]
R1 OAmon;OAmon; \??\C:\Windows\SysWOW64\Drivers\OAmon.sys [2013-10-11 52360]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-28 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-28 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-28 137288]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 e1kexpress;Intel(R) Network Connections Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2013-07-18 497424]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-04-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 OAnet;OnlineArmor Service; C:\Windows\system32\DRIVERS\oanet.sys [2013-10-11 35368]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2014-11-28 18456]
R3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.sys []
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-04-24 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2015-04-28 343336]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Apps\AOMEI Backupper\ABService.exe [2014-04-08 29912]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Everything;Everything; C:\Apps\Everything Portable\Everything.exe [2014-08-06 1441792]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 OAcat;Online Armor Helper Service; C:\Program Files (x86)\Online Armor\OAcat.exe [2013-10-11 584864]
R2 PDAgent;PDAgent; C:\Apps\Raxco Perfect Disk\PDAgent.exe [2012-10-04 1976696]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-17 410768]
R2 SvcOnlineArmor;Online Armor; C:\Program Files (x86)\Online Armor\oasrv.exe [2013-10-11 4457688]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-06-26 119296]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
S2 SkypeUpdate;Skype Updater; C:\Apps\Skype\Updater\Updater.exe [2015-02-18 315488]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by lst at 2015-07-11 12:39:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 3 GB (4%) free of 64 GB
Total RAM: 3966 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:39:13, on 11.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Online Armor\oaui.exe
C:\Program Files (x86)\Online Armor\OAhlp.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Apps\Volume 2 Portable\Volume2.exe
C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Apps\Skype\Phone\Skype.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Apps\4t Tray Minimizer\4t-min.exe
C:\Program Files\Avast\avastui.exe
C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Apps\Crystal Disk Info Portable\DiskInfo.exe
C:\Apps\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files\trend micro\lst.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: (no name) - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKCU\..\Run: [DesktopOK] "C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
O4 - HKCU\..\Run: [Volume2] C:\Apps\Volume 2 Portable\Volume2.exe
O4 - HKCU\..\Run: [f.lux] "C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Ditto] C:\Apps\Ditto Portable\Ditto.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: 4t Tray Minimizer.lnk = C:\Apps\4t Tray Minimizer\4t-min.exe
O4 - Startup: Dropbox.lnk = lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Apps\Evernote\EvernoteClipper.exe
O4 - Startup: Rainmeter.lnk = C:\Apps\Rainmeter Portable\Rainmeter.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Clip bookmark - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Apps\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Oříznout tuto stránku - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Apps\AOMEI Backupper\ABService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Everything - Unknown owner - C:\Apps\Everything Portable\Everything.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files (x86)\Online Armor\OAcat.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Apps\Raxco Perfect Disk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Apps\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files (x86)\Online Armor\oasrv.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14131 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Online Armor\OAcat.exe"
"C:\Program Files (x86)\Online Armor\oasrv.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Apps\AOMEI Backupper\ABService.exe"
"C:\Program Files (x86)\Online Armor\oaui.exe"
"C:\Program Files (x86)\Online Armor\OAhlp.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Apps\Everything Portable\Everything.exe" -svc
"C:\Apps\Networx\networx.exe" /auto
taskeng.exe {49FD3724-83DB-4F26-A4EA-8C28C2293C31}
"C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
"C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe"
"C:\Apps\Volume 2 Portable\Volume2.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Apps\Ditto Portable\Ditto.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Apps\4t Tray Minimizer\4t-min.exe" -tray
"C:\Apps\Raxco Perfect Disk\PDAgent.exe"
"C:\Apps\4t Tray Minimizer\4t-min64.exe" "C:\Apps\4t Tray Minimizer\ShellEh604x64.dll"
\??\C:\Windows\system32\conhost.exe "1231635944-8192705357937341001624314557-1513380486-614822644142147257-1888987934
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" da21a3cc-d51f-491d-a39e-5a3ff5e450da 1
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe"
"C:\Program Files\Avast\avastui.exe" /nogui
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "310265853-2043954354-14630108031193771728-1241679953260140702927762298-599783965
\??\C:\Windows\system32\conhost.exe "-119234417098600135492011357646523858919502087-1268245549-1225215033491588772
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Apps\Crystal Disk Info Portable\DiskInfo.exe"
"C:\Apps\Evernote\EvernoteClipper.exe"
"C:\Apps\Rainmeter Portable\Rainmeter.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
"C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-df658427-acf3-4e7b-a24e-6915db522cde -SystemEventPortName:HostProcess-2ea2955e-b91f-42af-906a-4e54bc5968f9 -IoCancelEventPortName:HostProcess-8b596387-44fa-476b-88e6-197e0d712207 -NonStateChangingEventPortName:HostProcess-3de80b30-6be2-41d7-a3ee-ab32502f82e5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:55c638db-2aee-4c01-8700-14e287d78fef -DeviceGroupId:WpdFsGroup
"C:\Apps\Raxco Perfect Disk\PDAgentS1.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Apps\Everything Portable\Everything.exe" -startup
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\splwow64.exe 8192
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\lst\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000Core.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000UA.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\extensions\
cs2@dictionaries.addons.mozilla.org
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
faviconrestorer@masserog.it
zoteroWinWordIntegration@zotero.org
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\
boardgamegeek.xml
dictionary.xml
gog.xml
google-scholar.xml
google-translate-ru-en.xml
imdb.xml
metacritic---games.xml
releaselog.xml
sfdcz.xml
titulkycom.xml
uloto-vpis-pod-sebou.xml
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"@OnlineArmor GUI"=C:\Program Files (x86)\Online Armor\oaui.exe [2013-10-11 7558464]
"NetWorx"=C:\Apps\Networx\networx.exe [2015-05-17 6611648]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DesktopOK"=C:\Apps\Desktop OK\DesktopOK_x64.exe [2014-01-15 417280]
"Volume2"=C:\Apps\Volume 2 Portable\Volume2.exe [2013-02-10 4710912]
"f.lux"=C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Skype"=C:\Apps\Skype\Phone\Skype.exe [2015-06-02 28782208]
"Dropbox Update"=C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]
"Ditto"=C:\Apps\Ditto Portable\Ditto.exe [2012-11-08 1717872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2015-05-11 5515496]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-06-26 480768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
4t Tray Minimizer.lnk - C:\Apps\4t Tray Minimizer\4t-min.exe
Dropbox.lnk - C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Apps\Evernote\EvernoteClipper.exe
Rainmeter.lnk - C:\Apps\Rainmeter Portable\Rainmeter.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Apps\Process Hacker Portable\ProcessHacker.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-10 22:45:20 ----D---- C:\AdwCleaner
2015-07-10 08:58:11 ----D---- C:\rsit
2015-07-10 08:58:11 ----D---- C:\Program Files\trend micro
2015-07-07 21:40:51 ----A---- C:\Windows\system32\invagent.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\generaltel.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\appraiser.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\aeinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\devinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-07 21:40:50 ----A---- C:\Windows\system32\aepdu.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\acmigration.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups2.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wucltux.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-07 09:42:42 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-07 09:36:50 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-07 09:31:47 ----D---- C:\NVIDIA
2015-07-01 05:55:27 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-07-01 05:55:27 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\crypt32.dll
2015-06-17 16:29:19 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-17 12:26:21 ----D---- C:\ProgramData\Dropbox
======List of files/folders modified in the last 1 month======
2015-07-11 12:39:14 ----D---- C:\Windows\Temp
2015-07-11 12:39:00 ----AD---- C:\ProgramData\TEMP
2015-07-11 12:38:24 ----D---- C:\Users\lst\AppData\Roaming\Skype
2015-07-11 10:02:32 ----D---- C:\Windows\Prefetch
2015-07-11 08:17:55 ----D---- C:\Windows\system32\config
2015-07-11 08:05:33 ----RD---- C:\Dropbox
2015-07-11 08:05:10 ----D---- C:\Users\lst\AppData\Roaming\Dropbox
2015-07-11 08:01:07 ----D---- C:\ProgramData\NVIDIA
2015-07-10 22:27:08 ----D---- C:\Users\lst\AppData\Roaming\GameSave Manager 3
2015-07-10 22:07:33 ----RD---- C:\APPS - PORTABLE
2015-07-10 11:12:47 ----D---- C:\Windows\winsxs
2015-07-10 08:58:11 ----D---- C:\Program Files
2015-07-09 17:00:35 ----D---- C:\TEMP
2015-07-09 15:58:22 ----D---- C:\__
2015-07-09 12:51:09 ----D---- C:\Windows\System32
2015-07-09 12:51:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-09 12:51:08 ----D---- C:\Windows\inf
2015-07-09 12:50:54 ----SHD---- C:\Windows\Installer
2015-07-09 11:31:18 ----D---- C:\Windows\SysWOW64
2015-07-09 11:31:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-08 19:30:20 ----D---- C:\Windows\system32\drivers
2015-07-08 19:30:19 ----D---- C:\Windows\system32\DriverStore
2015-07-08 15:40:01 ----D---- C:\ProgramData\Microsoft Help
2015-07-08 15:39:21 ----D---- C:\Windows\SoftwareDistribution
2015-07-08 08:51:04 ----D---- C:\Windows
2015-07-08 00:06:37 ----SD---- C:\Windows\system32\CompatTel
2015-07-08 00:06:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\wbem
2015-07-08 00:06:37 ----D---- C:\Windows\system32\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\appraiser
2015-07-08 00:06:37 ----D---- C:\Windows\AppPatch
2015-07-07 21:43:20 ----D---- C:\Apps
2015-07-07 09:58:10 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-07 09:39:21 ----D---- C:\Windows\system32\catroot2
2015-07-07 09:37:10 ----D---- C:\ProgramData\boost_interprocess
2015-07-02 13:11:13 ----D---- C:\Windows\system32\NDF
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\uTorrent
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\DAEMON Tools Lite
2015-06-28 09:10:23 ----D---- C:\Windows\debug
2015-06-24 13:36:43 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-24 13:36:42 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-24 13:36:31 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36:30 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-06-23 13:30:20 ----N---- C:\Windows\system32\MpSigStub.exe
2015-06-19 09:18:11 ----D---- C:\Program Files\Avast
2015-06-17 12:26:24 ----D---- C:\Windows\Tasks
2015-06-17 12:26:24 ----D---- C:\Windows\system32\Tasks
2015-06-17 12:26:21 ----HD---- C:\ProgramData
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-15 11:39:47 ----D---- C:\ProgramData\Package Cache
2015-06-13 09:14:05 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-28 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-28 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-11 381440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-28 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-28 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 283064]
R1 OADevice;OADriver; \??\C:\Windows\SysWow64\Drivers\OADriver.sys [2013-10-11 64720]
R1 oahlpXX;Online Armor helper driver; \??\C:\Windows\syswow64\drivers\oahlp64.sys [2013-10-11 62008]
R1 OAmon;OAmon; \??\C:\Windows\SysWOW64\Drivers\OAmon.sys [2013-10-11 52360]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-28 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-28 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-28 137288]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 e1kexpress;Intel(R) Network Connections Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2013-07-18 497424]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-04-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 OAnet;OnlineArmor Service; C:\Windows\system32\DRIVERS\oanet.sys [2013-10-11 35368]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2014-11-28 18456]
R3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
R3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.sys []
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-04-24 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2015-04-28 343336]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Apps\AOMEI Backupper\ABService.exe [2014-04-08 29912]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Everything;Everything; C:\Apps\Everything Portable\Everything.exe [2014-08-06 1441792]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 OAcat;Online Armor Helper Service; C:\Program Files (x86)\Online Armor\OAcat.exe [2013-10-11 584864]
R2 PDAgent;PDAgent; C:\Apps\Raxco Perfect Disk\PDAgent.exe [2012-10-04 1976696]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-17 410768]
R2 SvcOnlineArmor;Online Armor; C:\Program Files (x86)\Online Armor\oasrv.exe [2013-10-11 4457688]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-06-26 119296]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
S2 SkypeUpdate;Skype Updater; C:\Apps\Skype\Updater\Updater.exe [2015-02-18 315488]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Win10 Pro = Avast Free = Comodo Firewall Free
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Long delay in program responses
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]/64
:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Disable your antivirus before the scan and restart the PC after it. Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Long delay in program responses
Logfile of random's system information tool 1.10 (written by random/random)
Run by lst at 2015-07-11 13:49:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 3 GB (5%) free of 64 GB
Total RAM: 3966 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:24, on 11.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Apps\Crystal Disk Info Portable\DiskInfo.exe
C:\Program Files (x86)\Online Armor\oaui.exe
C:\Program Files (x86)\Online Armor\OAhlp.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Apps\Volume 2 Portable\Volume2.exe
C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Apps\Skype\Phone\Skype.exe
C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files\Avast\avastui.exe
C:\Apps\4t Tray Minimizer\4t-min.exe
C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Apps\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Apps\Total Commander\TOTALCMD.EXE
C:\Program Files\trend micro\lst.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKCU\..\Run: [DesktopOK] "C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
O4 - HKCU\..\Run: [Volume2] C:\Apps\Volume 2 Portable\Volume2.exe
O4 - HKCU\..\Run: [f.lux] "C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Ditto] C:\Apps\Ditto Portable\Ditto.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: 4t Tray Minimizer.lnk = C:\Apps\4t Tray Minimizer\4t-min.exe
O4 - Startup: Dropbox.lnk = lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Apps\Evernote\EvernoteClipper.exe
O4 - Startup: Rainmeter.lnk = C:\Apps\Rainmeter Portable\Rainmeter.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Clip bookmark - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Apps\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Oříznout tuto stránku - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Apps\AOMEI Backupper\ABService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Everything - Unknown owner - C:\Apps\Everything Portable\Everything.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files (x86)\Online Armor\OAcat.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Apps\Raxco Perfect Disk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Apps\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files (x86)\Online Armor\oasrv.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14169 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Online Armor\OAcat.exe"
"C:\Program Files (x86)\Online Armor\oasrv.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Apps\AOMEI Backupper\ABService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Apps\Everything Portable\Everything.exe" -svc
taskeng.exe {D5771706-F901-4E42-8FD2-6C77C07AA828}
"C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {449FFD3E-52AD-49FA-BAA4-32E622120D0E}
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Apps\Raxco Perfect Disk\PDAgent.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" da21a3cc-d51f-491d-a39e-5a3ff5e450da 1
\??\C:\Windows\system32\conhost.exe "-1329815585268411318-1432960732-493721543-1339388477-144641580271355683-8012826
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "48670765-208029955-258045509-1237696346-8551448943873651285684773582145621502
"C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e34cb1ad-f463-4d6f-ba14-7a78969f5cb2 -SystemEventPortName:HostProcess-3fed2055-4322-42f0-9665-70873065e3f9 -IoCancelEventPortName:HostProcess-6a3d7b68-dfc3-43e7-896f-6edb7011d73d -NonStateChangingEventPortName:HostProcess-f5b23500-96df-4598-9737-ff9bde4f8d06 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fa9064c3-422f-4d9e-aa72-508c9d4bf0eb -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Apps\Raxco Perfect Disk\PDAgentS1.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2534191315-2677609168-2277508931-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2534191315-2677609168-2277508931-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Apps\Crystal Disk Info Portable\DiskInfo.exe"
"C:\Program Files (x86)\Online Armor\oaui.exe"
"C:\Program Files (x86)\Online Armor\OAhlp.exe"
"C:\Apps\Networx\networx.exe" /auto
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Apps\Volume 2 Portable\Volume2.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Apps\Ditto Portable\Ditto.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files\Avast\avastui.exe" /nogui
"C:\Apps\4t Tray Minimizer\4t-min.exe" -tray
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe"
"C:\Apps\4t Tray Minimizer\4t-min64.exe" "C:\Apps\4t Tray Minimizer\ShellEh604x64.dll"
\??\C:\Windows\system32\conhost.exe "136556435111925667442032623493-4767805111868909098-9024786391605785300223704649
"C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Apps\Evernote\EvernoteClipper.exe"
"C:\Apps\Rainmeter Portable\Rainmeter.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Apps\Everything Portable\Everything.exe" -startup
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Apps\Total Commander\TOTALCMD.EXE"
"C:\Users\lst\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000Core.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000UA.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\extensions\
cs2@dictionaries.addons.mozilla.org
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
faviconrestorer@masserog.it
zoteroWinWordIntegration@zotero.org
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\
boardgamegeek.xml
dictionary.xml
gog.xml
google-scholar.xml
google-translate-ru-en.xml
imdb.xml
metacritic---games.xml
releaselog.xml
sfdcz.xml
titulkycom.xml
uloto-vpis-pod-sebou.xml
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"@OnlineArmor GUI"=C:\Program Files (x86)\Online Armor\oaui.exe [2013-10-11 7558464]
"NetWorx"=C:\Apps\Networx\networx.exe [2015-05-17 6611648]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DesktopOK"=C:\Apps\Desktop OK\DesktopOK_x64.exe [2014-01-15 417280]
"Volume2"=C:\Apps\Volume 2 Portable\Volume2.exe [2013-02-10 4710912]
"f.lux"=C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Skype"=C:\Apps\Skype\Phone\Skype.exe [2015-06-02 28782208]
"Dropbox Update"=C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]
"Ditto"=C:\Apps\Ditto Portable\Ditto.exe [2012-11-08 1717872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2015-05-11 5515496]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-06-26 480768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
4t Tray Minimizer.lnk - C:\Apps\4t Tray Minimizer\4t-min.exe
Dropbox.lnk - C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Apps\Evernote\EvernoteClipper.exe
Rainmeter.lnk - C:\Apps\Rainmeter Portable\Rainmeter.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Apps\Process Hacker Portable\ProcessHacker.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-11 13:22:41 ----D---- C:\_OTM
2015-07-10 22:45:20 ----D---- C:\AdwCleaner
2015-07-10 08:58:11 ----D---- C:\rsit
2015-07-10 08:58:11 ----D---- C:\Program Files\trend micro
2015-07-07 21:40:51 ----A---- C:\Windows\system32\invagent.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\generaltel.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\appraiser.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\aeinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\devinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-07 21:40:50 ----A---- C:\Windows\system32\aepdu.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\acmigration.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups2.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wucltux.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-07 09:42:42 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-07 09:36:50 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-07 09:31:47 ----D---- C:\NVIDIA
2015-07-01 05:55:27 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-07-01 05:55:27 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\crypt32.dll
2015-06-17 16:29:19 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-17 12:26:21 ----D---- C:\ProgramData\Dropbox
======List of files/folders modified in the last 1 month======
2015-07-11 13:49:25 ----D---- C:\Windows\Prefetch
2015-07-11 13:48:44 ----RD---- C:\Dropbox
2015-07-11 13:48:27 ----D---- C:\Users\lst\AppData\Roaming\Skype
2015-07-11 13:48:17 ----D---- C:\Users\lst\AppData\Roaming\Dropbox
2015-07-11 13:47:45 ----D---- C:\Windows\system32\config
2015-07-11 13:45:21 ----D---- C:\Windows\Temp
2015-07-11 13:43:57 ----D---- C:\ProgramData\NVIDIA
2015-07-11 13:22:43 ----D---- C:\Windows\Tasks
2015-07-11 13:09:50 ----AD---- C:\ProgramData\TEMP
2015-07-10 22:27:08 ----D---- C:\Users\lst\AppData\Roaming\GameSave Manager 3
2015-07-10 22:07:33 ----RD---- C:\APPS - PORTABLE
2015-07-10 11:12:47 ----D---- C:\Windows\winsxs
2015-07-10 08:58:11 ----D---- C:\Program Files
2015-07-09 17:00:35 ----D---- C:\TEMP
2015-07-09 15:58:22 ----D---- C:\__
2015-07-09 12:51:09 ----D---- C:\Windows\System32
2015-07-09 12:51:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-09 12:51:08 ----D---- C:\Windows\inf
2015-07-09 12:50:54 ----SHD---- C:\Windows\Installer
2015-07-09 11:31:18 ----D---- C:\Windows\SysWOW64
2015-07-09 11:31:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-08 19:30:20 ----D---- C:\Windows\system32\drivers
2015-07-08 19:30:19 ----D---- C:\Windows\system32\DriverStore
2015-07-08 15:40:01 ----D---- C:\ProgramData\Microsoft Help
2015-07-08 15:39:21 ----D---- C:\Windows\SoftwareDistribution
2015-07-08 08:51:04 ----D---- C:\Windows
2015-07-08 00:06:37 ----SD---- C:\Windows\system32\CompatTel
2015-07-08 00:06:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\wbem
2015-07-08 00:06:37 ----D---- C:\Windows\system32\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\appraiser
2015-07-08 00:06:37 ----D---- C:\Windows\AppPatch
2015-07-07 21:43:20 ----D---- C:\Apps
2015-07-07 09:58:10 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-07 09:39:21 ----D---- C:\Windows\system32\catroot2
2015-07-07 09:37:10 ----D---- C:\ProgramData\boost_interprocess
2015-07-02 13:11:13 ----D---- C:\Windows\system32\NDF
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\uTorrent
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\DAEMON Tools Lite
2015-06-28 09:10:23 ----D---- C:\Windows\debug
2015-06-24 13:36:43 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-24 13:36:42 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-24 13:36:31 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36:30 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-06-23 13:30:20 ----N---- C:\Windows\system32\MpSigStub.exe
2015-06-19 09:18:11 ----D---- C:\Program Files\Avast
2015-06-17 12:26:24 ----D---- C:\Windows\system32\Tasks
2015-06-17 12:26:21 ----HD---- C:\ProgramData
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-15 11:39:47 ----D---- C:\ProgramData\Package Cache
2015-06-13 09:14:05 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-28 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-28 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-11 381440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-28 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-28 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 283064]
R1 OADevice;OADriver; \??\C:\Windows\SysWow64\Drivers\OADriver.sys [2013-10-11 64720]
R1 oahlpXX;Online Armor helper driver; \??\C:\Windows\syswow64\drivers\oahlp64.sys [2013-10-11 62008]
R1 OAmon;OAmon; \??\C:\Windows\SysWOW64\Drivers\OAmon.sys [2013-10-11 52360]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-28 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-28 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-28 137288]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 e1kexpress;Intel(R) Network Connections Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2013-07-18 497424]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-04-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 OAnet;OnlineArmor Service; C:\Windows\system32\DRIVERS\oanet.sys [2013-10-11 35368]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2014-11-28 18456]
R3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-04-24 14464]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2015-04-28 343336]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Apps\AOMEI Backupper\ABService.exe [2014-04-08 29912]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Everything;Everything; C:\Apps\Everything Portable\Everything.exe [2014-08-06 1441792]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 OAcat;Online Armor Helper Service; C:\Program Files (x86)\Online Armor\OAcat.exe [2013-10-11 584864]
R2 PDAgent;PDAgent; C:\Apps\Raxco Perfect Disk\PDAgent.exe [2012-10-04 1976696]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-17 410768]
R2 SvcOnlineArmor;Online Armor; C:\Program Files (x86)\Online Armor\oasrv.exe [2013-10-11 4457688]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-06-26 119296]
R3 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S2 SkypeUpdate;Skype Updater; C:\Apps\Skype\Updater\Updater.exe [2015-02-18 315488]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by lst at 2015-07-11 13:49:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 3 GB (5%) free of 64 GB
Total RAM: 3966 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:24, on 11.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Apps\Crystal Disk Info Portable\DiskInfo.exe
C:\Program Files (x86)\Online Armor\oaui.exe
C:\Program Files (x86)\Online Armor\OAhlp.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Apps\Volume 2 Portable\Volume2.exe
C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Apps\Skype\Phone\Skype.exe
C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files\Avast\avastui.exe
C:\Apps\4t Tray Minimizer\4t-min.exe
C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Apps\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Apps\Total Commander\TOTALCMD.EXE
C:\Program Files\trend micro\lst.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKCU\..\Run: [DesktopOK] "C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
O4 - HKCU\..\Run: [Volume2] C:\Apps\Volume 2 Portable\Volume2.exe
O4 - HKCU\..\Run: [f.lux] "C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Skype] "C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Ditto] C:\Apps\Ditto Portable\Ditto.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: 4t Tray Minimizer.lnk = C:\Apps\4t Tray Minimizer\4t-min.exe
O4 - Startup: Dropbox.lnk = lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Apps\Evernote\EvernoteClipper.exe
O4 - Startup: Rainmeter.lnk = C:\Apps\Rainmeter Portable\Rainmeter.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Clip bookmark - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Nová poznámka - C:\Apps\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Oříznout tuto stránku - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Oříznutý obrázek - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout obrázek - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Vystřihnout URL - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Vystřihnout výběr - C:\Apps\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Výběr oříznutí - C:\Apps\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Apps\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Apps\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Apps\AOMEI Backupper\ABService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Everything - Unknown owner - C:\Apps\Everything Portable\Everything.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files (x86)\Online Armor\OAcat.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Apps\Raxco Perfect Disk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Apps\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files (x86)\Online Armor\oasrv.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Apps\Switch Off\swoff.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14169 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Online Armor\OAcat.exe"
"C:\Program Files (x86)\Online Armor\oasrv.exe"
atieclxx
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Apps\AOMEI Backupper\ABService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Apps\Everything Portable\Everything.exe" -svc
taskeng.exe {D5771706-F901-4E42-8FD2-6C77C07AA828}
"C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {449FFD3E-52AD-49FA-BAA4-32E622120D0E}
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Apps\Raxco Perfect Disk\PDAgent.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Secunia\PSI\PSIA.exe" --start-service
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" da21a3cc-d51f-491d-a39e-5a3ff5e450da 1
\??\C:\Windows\system32\conhost.exe "-1329815585268411318-1432960732-493721543-1339388477-144641580271355683-8012826
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "48670765-208029955-258045509-1237696346-8551448943873651285684773582145621502
"C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e34cb1ad-f463-4d6f-ba14-7a78969f5cb2 -SystemEventPortName:HostProcess-3fed2055-4322-42f0-9665-70873065e3f9 -IoCancelEventPortName:HostProcess-6a3d7b68-dfc3-43e7-896f-6edb7011d73d -NonStateChangingEventPortName:HostProcess-f5b23500-96df-4598-9737-ff9bde4f8d06 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fa9064c3-422f-4d9e-aa72-508c9d4bf0eb -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Apps\Raxco Perfect Disk\PDAgentS1.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2534191315-2677609168-2277508931-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2534191315-2677609168-2277508931-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Apps\Crystal Disk Info Portable\DiskInfo.exe"
"C:\Program Files (x86)\Online Armor\oaui.exe"
"C:\Program Files (x86)\Online Armor\OAhlp.exe"
"C:\Apps\Networx\networx.exe" /auto
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Apps\Desktop OK\DesktopOK_x64.exe" -bg -startup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Apps\Volume 2 Portable\Volume2.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Apps\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Apps\Ditto Portable\Ditto.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Secunia\PSI\psi_tray.exe"
"C:\Program Files\Avast\avastui.exe" /nogui
"C:\Apps\4t Tray Minimizer\4t-min.exe" -tray
"C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe"
"C:\Apps\4t Tray Minimizer\4t-min64.exe" "C:\Apps\4t Tray Minimizer\ShellEh604x64.dll"
\??\C:\Windows\system32\conhost.exe "136556435111925667442032623493-4767805111868909098-9024786391605785300223704649
"C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Apps\Evernote\EvernoteClipper.exe"
"C:\Apps\Rainmeter Portable\Rainmeter.exe"
"C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE" /tsr
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Apps\Everything Portable\Everything.exe" -startup
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Apps\Total Commander\TOTALCMD.EXE"
"C:\Users\lst\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000Core.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2534191315-2677609168-2277508931-1000UA.job - C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe Acrobat 9.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.203 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\extensions\
cs2@dictionaries.addons.mozilla.org
cs@dictionaries.addons.mozilla.org
en-GB@dictionaries.addons.mozilla.org
en-US@dictionaries.addons.mozilla.org
faviconrestorer@masserog.it
zoteroWinWordIntegration@zotero.org
C:\Users\lst\AppData\Roaming\Mozilla\Firefox\Profiles\0nmqgbsn.Termit\searchplugins\
boardgamegeek.xml
dictionary.xml
gog.xml
google-scholar.xml
google-translate-ru-en.xml
imdb.xml
metacritic---games.xml
releaselog.xml
sfdcz.xml
titulkycom.xml
uloto-vpis-pod-sebou.xml
youtube.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"@OnlineArmor GUI"=C:\Program Files (x86)\Online Armor\oaui.exe [2013-10-11 7558464]
"NetWorx"=C:\Apps\Networx\networx.exe [2015-05-17 6611648]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"MouseDriver"=C:\Windows\system32\TiltWheelMouse.exe [2012-12-19 241152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DesktopOK"=C:\Apps\Desktop OK\DesktopOK_x64.exe [2014-01-15 417280]
"Volume2"=C:\Apps\Volume 2 Portable\Volume2.exe [2013-02-10 4710912]
"f.lux"=C:\Users\lst\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"Skype"=C:\Apps\Skype\Phone\Skype.exe [2015-06-02 28782208]
"Dropbox Update"=C:\Users\lst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]
"Ditto"=C:\Apps\Ditto Portable\Ditto.exe [2012-11-08 1717872]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"AvastUI.exe"=C:\Program Files\Avast\AvastUI.exe [2015-05-11 5515496]
"WD Drive Manager"=C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [2009-06-26 480768]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Secunia PSI Tray.lnk - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\lst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
4t Tray Minimizer.lnk - C:\Apps\4t Tray Minimizer\4t-min.exe
Dropbox.lnk - C:\Users\lst\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Apps\Evernote\EvernoteClipper.exe
Rainmeter.lnk - C:\Apps\Rainmeter Portable\Rainmeter.exe
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger=""C:\Apps\Process Hacker Portable\ProcessHacker.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-07-11 13:22:41 ----D---- C:\_OTM
2015-07-10 22:45:20 ----D---- C:\AdwCleaner
2015-07-10 08:58:11 ----D---- C:\rsit
2015-07-10 08:58:11 ----D---- C:\Program Files\trend micro
2015-07-07 21:40:51 ----A---- C:\Windows\system32\invagent.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\generaltel.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\appraiser.dll
2015-07-07 21:40:51 ----A---- C:\Windows\system32\aeinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\devinv.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-07 21:40:50 ----A---- C:\Windows\system32\aepdu.dll
2015-07-07 21:40:50 ----A---- C:\Windows\system32\acmigration.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups2.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wups.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wudriver.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wucltux.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapp.exe
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wuapi.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 21:40:47 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-07 09:42:42 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-07-07 09:36:51 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvopencl.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglv64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvinitx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvIFR64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\NvFBC64.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuvid.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\nvcuda.dll
2015-07-07 09:36:51 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-07-07 09:36:50 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-07-07 09:36:50 ----A---- C:\Windows\system32\nvcompiler.dll
2015-07-07 09:31:47 ----D---- C:\NVIDIA
2015-07-01 05:55:27 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-07-01 05:55:27 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\wintrust.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-17 16:30:03 ----A---- C:\Windows\system32\crypt32.dll
2015-06-17 16:29:19 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-17 12:26:21 ----D---- C:\ProgramData\Dropbox
======List of files/folders modified in the last 1 month======
2015-07-11 13:49:25 ----D---- C:\Windows\Prefetch
2015-07-11 13:48:44 ----RD---- C:\Dropbox
2015-07-11 13:48:27 ----D---- C:\Users\lst\AppData\Roaming\Skype
2015-07-11 13:48:17 ----D---- C:\Users\lst\AppData\Roaming\Dropbox
2015-07-11 13:47:45 ----D---- C:\Windows\system32\config
2015-07-11 13:45:21 ----D---- C:\Windows\Temp
2015-07-11 13:43:57 ----D---- C:\ProgramData\NVIDIA
2015-07-11 13:22:43 ----D---- C:\Windows\Tasks
2015-07-11 13:09:50 ----AD---- C:\ProgramData\TEMP
2015-07-10 22:27:08 ----D---- C:\Users\lst\AppData\Roaming\GameSave Manager 3
2015-07-10 22:07:33 ----RD---- C:\APPS - PORTABLE
2015-07-10 11:12:47 ----D---- C:\Windows\winsxs
2015-07-10 08:58:11 ----D---- C:\Program Files
2015-07-09 17:00:35 ----D---- C:\TEMP
2015-07-09 15:58:22 ----D---- C:\__
2015-07-09 12:51:09 ----D---- C:\Windows\System32
2015-07-09 12:51:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-09 12:51:08 ----D---- C:\Windows\inf
2015-07-09 12:50:54 ----SHD---- C:\Windows\Installer
2015-07-09 11:31:18 ----D---- C:\Windows\SysWOW64
2015-07-09 11:31:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-08 19:30:20 ----D---- C:\Windows\system32\drivers
2015-07-08 19:30:19 ----D---- C:\Windows\system32\DriverStore
2015-07-08 15:40:01 ----D---- C:\ProgramData\Microsoft Help
2015-07-08 15:39:21 ----D---- C:\Windows\SoftwareDistribution
2015-07-08 08:51:04 ----D---- C:\Windows
2015-07-08 00:06:37 ----SD---- C:\Windows\system32\CompatTel
2015-07-08 00:06:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\wbem
2015-07-08 00:06:37 ----D---- C:\Windows\system32\cs-CZ
2015-07-08 00:06:37 ----D---- C:\Windows\system32\appraiser
2015-07-08 00:06:37 ----D---- C:\Windows\AppPatch
2015-07-07 21:43:20 ----D---- C:\Apps
2015-07-07 09:58:10 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-07 09:39:21 ----D---- C:\Windows\system32\catroot2
2015-07-07 09:37:10 ----D---- C:\ProgramData\boost_interprocess
2015-07-02 13:11:13 ----D---- C:\Windows\system32\NDF
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\uTorrent
2015-06-28 09:10:50 ----D---- C:\Users\lst\AppData\Roaming\DAEMON Tools Lite
2015-06-28 09:10:23 ----D---- C:\Windows\debug
2015-06-24 13:36:43 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-06-24 13:36:42 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-06-24 13:36:31 ----A---- C:\Windows\system32\nvspcap64.dll
2015-06-24 13:36:30 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-06-23 13:30:20 ----N---- C:\Windows\system32\MpSigStub.exe
2015-06-19 09:18:11 ----D---- C:\Program Files\Avast
2015-06-17 12:26:24 ----D---- C:\Windows\system32\Tasks
2015-06-17 12:26:21 ----HD---- C:\ProgramData
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-06-17 11:10:27 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\OpenCL.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-06-17 11:10:27 ----A---- C:\Windows\system32\nvapi64.dll
2015-06-17 08:48:17 ----A---- C:\Windows\system32\nvvsvc.exe
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvsvcr.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvshext.dll
2015-06-17 08:48:16 ----A---- C:\Windows\system32\nvmctray.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvsvc64.dll
2015-06-17 08:48:15 ----A---- C:\Windows\system32\nvcpl.dll
2015-06-15 11:39:47 ----D---- C:\ProgramData\Package Cache
2015-06-13 09:14:05 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ambakdrv;ambakdrv; C:\Windows\system32\ambakdrv.sys [2013-05-07 30648]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-28 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-28 272248]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-11 381440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-28 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-28 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-11 283064]
R1 OADevice;OADriver; \??\C:\Windows\SysWow64\Drivers\OADriver.sys [2013-10-11 64720]
R1 oahlpXX;Online Armor helper driver; \??\C:\Windows\syswow64\drivers\oahlp64.sys [2013-10-11 62008]
R1 OAmon;OAmon; \??\C:\Windows\SysWOW64\Drivers\OAmon.sys [2013-10-11 52360]
R2 ammntdrv;ammntdrv; \??\C:\Windows\system32\ammntdrv.sys [2013-05-07 151480]
R2 amwrtdrv;amwrtdrv; \??\C:\Windows\system32\amwrtdrv.sys [2013-02-06 17848]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-28 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-28 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-28 137288]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2012-09-11 126232]
R2 PDFSFilter;PDFsFilter; C:\Windows\system32\DRIVERS\PDFsFilter.sys [2012-08-23 83224]
R3 e1kexpress;Intel(R) Network Connections Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2013-07-18 497424]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-04-09 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 OAnet;OnlineArmor Service; C:\Windows\system32\DRIVERS\oanet.sys [2013-10-11 35368]
R3 PSI;PSI; C:\Windows\system32\DRIVERS\psi_mf_amd64.sys [2014-11-28 18456]
R3 t_mouse.sys;HID-compliand device; C:\Windows\system32\DRIVERS\t_mouse.sys [2012-12-19 6144]
S1 ASPI32;ASPI32; C:\Windows\system32\drivers\ASPI32.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2013-03-07 13896]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2013-03-07 9160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2009-04-24 14464]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Apps\Open Hardware Monitor Portable\OpenHardwareMonitor.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast\AvastSvc.exe [2015-04-28 343336]
R2 Backupper Service;AOMEI Backupper Scheduler Service; C:\Apps\AOMEI Backupper\ABService.exe [2014-04-08 29912]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Everything;Everything; C:\Apps\Everything Portable\Everything.exe [2014-08-06 1441792]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\APPS\FOXIT READER PORTABLE\APP\FOXIT READER\Foxit Cloud\FCUpdateService.exe [2014-10-28 244448]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 OAcat;Online Armor Helper Service; C:\Program Files (x86)\Online Armor\OAcat.exe [2013-10-11 584864]
R2 PDAgent;PDAgent; C:\Apps\Raxco Perfect Disk\PDAgent.exe [2012-10-04 1976696]
R2 Secunia PSI Agent;Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-17 410768]
R2 SvcOnlineArmor;Online Armor; C:\Program Files (x86)\Online Armor\oasrv.exe [2013-10-11 4457688]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [2009-06-26 119296]
R3 PDEngine;PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2012-10-04 3367288]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S2 SkypeUpdate;Skype Updater; C:\Apps\Skype\Updater\Updater.exe [2015-02-18 315488]
S2 SwOffScheduler;Airytec Switch Off - Task Scheduler; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S2 SwOffWeb;Airytec Switch Off - Web Interface; C:\Apps\Switch Off\swoff.exe [2014-02-13 173056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-02-10 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-01-28 118896]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Win10 Pro = Avast Free = Comodo Firewall Free
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Long delay in program responses
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
However, there is still too little free space on the disk. Move some of your data to other storage, or uninstall unused applications. Free space should be at least 5 GB, preferably more.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Long delay in program responses
Done, and about 5 GB more space has been freed up. It seems to be better; we'll see how it behaves over the longer term.
By the way, my page file is about 6 GB and is on a different disk than the system.
Thanks for the help; above all, it reassured me that I don't have any nasties on my computer.
Win10 Pro = Avast Free = Comodo Firewall Free
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Long delay in program responses
You're welcome!
