Malware, trojan

#1 Post by Hucanek »

Hello,
the PC is used by the whole family, mainly my little sister, and she apparently clicked on something somewhere, and Windows Defender reports found malware at certain intervals. When I delete it, it shows up again a few minutes later. I'm asking for your help. To be safe, I'm attaching both logs.
Thank you in advance and have a nice evening.
RSIT log

Logfile of random's system information tool 1.10 (written by random/random)
Run by Huca at 2015-11-17 19:55:52
Microsoft Windows 10 Pro
System drive C: has 51 GB (64%) free of 80 GB
Total RAM: 2047 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:57, on 17.11.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Windows\system32\sihost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x86__8wekyb3d8bbwe\Calculator.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Program Files\Windows Defender\msascui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Huca\Downloads\FRST.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SYSTEM32\notepad.exe
C:\Users\Huca\Downloads\RSIT.exe
C:\Program Files\trend micro\Huca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5490 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286582242-1623890800-3632721733-1001Core.job - C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286582242-1623890800-3632721733-1001UA.job - C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Huca\AppData\Roaming\Mozilla\Firefox\Profiles\4a6lmh2l.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=E:\Softwares\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2015-08-27 1423120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-03 548552]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-09-27 57981568]
"Google Update"=C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-06 144200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-17 19:55:52 ----D---- C:\rsit
2015-11-17 19:55:52 ----D---- C:\Program Files\trend micro
2015-11-17 19:51:27 ----D---- C:\FRST
2015-11-05 18:02:31 ----D---- C:\Program Files\Mozilla Firefox
2015-11-02 20:50:57 ----HD---- C:\ProgramData\CanonBJ
2015-11-02 20:50:48 ----A---- C:\Windows\system32\CNMLMBX.DLL
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNHMCA.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXL.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXI.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXC.dll
2015-10-29 22:46:54 ----A---- C:\Windows\system32\mshtml.dll
2015-10-29 22:46:52 ----A---- C:\Windows\system32\edgehtml.dll
2015-10-29 22:46:48 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2015-10-29 22:46:47 ----A---- C:\Windows\system32\MFMediaEngine.dll
2015-10-29 22:46:47 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-10-29 22:46:47 ----A---- C:\Windows\system32\LicenseManager.dll
2015-10-29 22:46:47 ----A---- C:\Windows\system32\iertutil.dll
2015-10-29 22:46:47 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2015-10-29 22:46:46 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2015-10-29 22:46:46 ----A---- C:\Windows\system32\Windows.Media.dll
2015-10-29 22:46:46 ----A---- C:\Windows\system32\usermgr.dll
2015-10-29 22:46:45 ----A---- C:\Windows\system32\urlmon.dll
2015-10-29 22:46:45 ----A---- C:\Windows\system32\esent.dll
2015-10-29 22:46:44 ----A---- C:\Windows\system32\winlogon.exe
2015-10-29 22:46:44 ----A---- C:\Windows\system32\Windows.UI.dll
2015-10-29 22:46:44 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2015-10-29 22:46:44 ----A---- C:\Windows\system32\dssvc.dll
2015-10-29 22:46:44 ----A---- C:\Windows\system32\audiosrv.dll
2015-10-29 22:46:43 ----A---- C:\Windows\system32\drivers\netio.sys
2015-10-29 22:46:41 ----A---- C:\Windows\system32\Windows.Devices.Usb.dll
2015-10-29 22:46:41 ----A---- C:\Windows\system32\dlnashext.dll
2015-10-29 22:46:41 ----A---- C:\Windows\system32\browserbroker.dll

======List of files/folders modified in the last 1 month======

2015-11-17 19:55:52 ----RD---- C:\Program Files
2015-11-17 19:54:20 ----D---- C:\Windows\Prefetch
2015-11-17 19:51:35 ----D---- C:\Windows
2015-11-17 19:42:55 ----D---- C:\Windows\Temp
2015-11-17 19:22:00 ----D---- C:\Windows\system32\sru
2015-11-17 17:38:26 ----D---- C:\Windows\System32
2015-11-17 12:39:58 ----D---- C:\Windows\Microsoft.NET
2015-11-17 08:15:03 ----HD---- C:\Program Files\WindowsApps
2015-11-17 08:15:03 ----D---- C:\Windows\AppReadiness
2015-11-16 20:17:32 ----D---- C:\Users\Huca\AppData\Roaming\Skype
2015-11-15 18:16:26 ----D---- C:\Users\Huca\AppData\Roaming\vlc
2015-11-15 09:19:35 ----D---- C:\Users\Huca\AppData\Roaming\uTorrent
2015-11-11 18:26:31 ----D---- C:\Windows\system32\config
2015-11-11 08:09:13 ----D---- C:\Windows\CbsTemp
2015-11-11 08:09:03 ----D---- C:\Windows\WinSxS
2015-11-11 08:08:40 ----D---- C:\Windows\system32\MRT
2015-11-11 08:04:28 ----A---- C:\Windows\system32\MRT.exe
2015-11-11 07:32:09 ----D---- C:\Windows\system32\catroot2
2015-11-06 20:19:58 ----D---- C:\Windows\Tasks
2015-11-06 20:19:58 ----D---- C:\Windows\system32\Tasks
2015-11-05 19:59:48 ----D---- C:\Windows\INF
2015-11-05 19:59:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-05 19:21:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-11-03 19:20:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-11-02 20:50:57 ----HD---- C:\ProgramData
2015-11-02 20:50:51 ----D---- C:\Windows\system32\DriverStore
2015-11-02 20:49:27 ----D---- C:\Windows\system32\drivers
2015-11-02 20:49:26 ----D---- C:\Windows\debug
2015-11-02 20:40:43 ----D---- C:\Windows\rescache
2015-11-02 20:22:05 ----SD---- C:\Users\Huca\AppData\Roaming\Microsoft
2015-10-31 11:59:39 ----RD---- C:\Windows\assembly
2015-10-31 09:09:03 ----D---- C:\ProgramData\NVIDIA
2015-10-30 20:36:13 ----SHD---- C:\Boot
2015-10-30 20:33:57 ----D---- C:\Windows\system32\cs-CZ
2015-10-30 20:33:57 ----D---- C:\Windows\system32\appraiser
2015-10-30 20:33:56 ----D---- C:\Windows\apppatch
2015-10-30 20:33:54 ----D---- C:\Windows\system32\migration
2015-10-30 20:33:54 ----D---- C:\Windows\system32\Boot
2015-10-30 20:33:53 ----D---- C:\Windows\system32\CodeIntegrity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;@oem6.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-09-21 242240]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 74240]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-07-10 7680]
R1 MpKsle3171355;MpKsle3171355; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{360C40BA-41AD-4945-98C4-7F9E41C26C10}\MpKsle3171355.sys [2015-11-17 39168]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\System32\drivers\vwififlt.sys [2015-07-10 61952]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 37376]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 52736]
R3 AtcL001;@netl160x.inf,%AtcL001.Service.DispName%;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\System32\drivers\l160x86.sys [2015-07-10 55808]
R3 MTsensor;@oem5.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2015-09-21 5810]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-18 10704560]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 18552]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2015-08-11 44840]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 83296]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 51040]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 33632]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 26112]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 96768]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 24064]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2015-07-10 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 37728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2015-07-10 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 23040]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 45056]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-07-14 32768]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 31744]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 190816]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 73568]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 100704]
S3 UrsCx01000;USB Role-Switch Support Library; C:\Windows\system32\drivers\urscx01000.sys [2015-07-10 42848]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\Windows\System32\drivers\urschipidea.sys [2015-07-10 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\Windows\System32\drivers\urssynopsys.sys [2015-07-10 21856]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-07-10 37888]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\Windows\System32\drivers\usbser.sys [2015-07-24 48128]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\Windows\System32\drivers\vhf.sys [2015-07-10 24064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 35176]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 921208]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 4305016]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 670512]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 35176]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 35176]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 23040]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-05-29 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-05 147624]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 41864]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-07-12 669696]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 UserDataSvc_Session1;Přístup k uživatelským datům_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 vmicvmsession;@%systemroot%\system32\icsvc.dll,-901; C:\Windows\system32\svchost.exe [2015-07-10 35176]

-----------------EOF-----------------


FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-11-2015
Ran by Huca (administrator) on DESKTOP-BLMH0B0 (17-11-2015 19:52:10)
Running from C:\Users\Huca\Downloads
Loaded Profiles: Huca (Available Profiles: Huca)
Platform: Microsoft Windows 10 Pro (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x86__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-1286582242-1623890800-3632721733-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1286582242-1623890800-3632721733-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1286582242-1623890800-3632721733-1001\...\Run: [Google Update] => C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-11-06] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{0d31d2b5-b938-4110-8dbc-73faa170d8ea}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
HKU\S-1-5-21-1286582242-1623890800-3632721733-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Huca\AppData\Roaming\Mozilla\Firefox\Profiles\4a6lmh2l.default
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-17] (NVIDIA Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Softwares\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-1286582242-1623890800-3632721733-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Huca\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1286582242-1623890800-3632721733-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Huca\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-11-06] (Google Inc.)
FF Extension: Adblock Plus - C:\Users\Huca\AppData\Roaming\Mozilla\Firefox\Profiles\4a6lmh2l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]

Chrome:
=======
CHR Profile: C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-06]
CHR Extension: (Dokumenty Google) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-06]
CHR Extension: (Disk Google) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-06]
CHR Extension: (YouTube) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Tabulky Google) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-06]
CHR Extension: (Gmail) - C:\Users\Huca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [921208 2015-08-27] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4305016 2015-08-27] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [277760 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23264 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [242240 2015-09-21] (DT Soft Ltd)
R1 MpKsle3171355; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{360C40BA-41AD-4945-98C4-7F9E41C26C10}\MpKsle3171355.sys [39168 2015-11-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [5810 2015-09-21] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18552 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad32v.sys [44840 2015-08-11] (NVIDIA Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [31744 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [37400 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [245600 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [97632 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-17 19:52 - 2015-11-17 19:52 - 00009370 _____ C:\Users\Huca\Downloads\FRST.txt
2015-11-17 19:51 - 2015-11-17 19:52 - 00000000 ____D C:\FRST
2015-11-17 19:49 - 2015-11-17 19:51 - 01378816 _____ (Farbar) C:\Users\Huca\Downloads\FRST.exe
2015-11-17 18:10 - 2015-11-17 18:10 - 00000621 _____ C:\Users\Huca\Desktop\Half-Life.lnk
2015-11-17 18:10 - 2015-11-17 18:10 - 00000619 _____ C:\Users\Huca\Desktop\Counter-Strike 1.6.lnk
2015-11-17 17:38 - 2015-11-17 17:38 - 00016148 _____ C:\Windows\system32\DESKTOP-BLMH0B0_Huca_HistoryPrediction.bin
2015-11-15 09:14 - 2015-11-15 09:14 - 00031739 _____ C:\Users\Huca\Downloads\Heroes.Reborn.S01E09.HDTV.x264-FLEET.srt
2015-11-15 09:14 - 2015-11-15 09:14 - 00000000 ____D C:\Users\Huca\Downloads\Heroes.Reborn.S01E09.HDTV.x264-FLEET[rarbg]
2015-11-14 13:48 - 2015-11-14 15:18 - 1610869292 _____ C:\Users\Huca\Downloads\Cesta-do-středu-Země-(2008)-(CZ)-(Akční,-Dobrodružný,-Fantasy,-IMAX).avi
2015-11-12 21:50 - 2015-11-12 21:50 - 00062730 _____ C:\Users\Huca\Downloads\Arrow-04x06-Lost-Souls.LOL_.FUM_.DIMENSION.srt
2015-11-12 21:49 - 2015-11-12 21:49 - 00000000 ____D C:\Users\Huca\Downloads\Arrow.S04E06.HDTV.x264-LOL[ettv]
2015-11-11 23:12 - 2015-11-11 23:12 - 00053501 _____ C:\Users\Huca\Downloads\The-Flash-02x06-Enter-Zoom-LOL.srt
2015-11-11 19:58 - 2015-11-11 19:58 - 00000000 ____D C:\Users\Huca\Downloads\The.Flash.2014.S02E06.HDTV.x264-LOL[ettv]
2015-11-08 09:33 - 2015-11-08 09:33 - 00044590 _____ C:\Users\Huca\Downloads\arrow.s04e05.hdtv.x264-lol.srt
2015-11-08 09:30 - 2015-11-08 09:30 - 00000000 ____D C:\Users\Huca\Downloads\Arrow.S04E05.HDTV.x264-LOL[ettv]
2015-11-07 18:26 - 2015-11-07 18:29 - 00000000 ____D C:\Users\Huca\Downloads\Heroes.Reborn.S01E08.PROPER.HDTV.x264-KILLERS[ettv]
2015-11-07 18:26 - 2015-11-07 18:26 - 00040453 _____ C:\Users\Huca\Downloads\Heroes.Reborn.S01E08.PROPER.HDTV.x264-KILLERS(1).srt
2015-11-07 18:25 - 2015-11-07 18:25 - 00040453 _____ C:\Users\Huca\Downloads\Heroes.Reborn.S01E08.PROPER.HDTV.x264-KILLERS.srt
2015-11-07 17:09 - 2015-11-07 17:09 - 00053137 _____ C:\Users\Huca\Downloads\the.flash.s02e05.hdtv.hdtv.lol.srt
2015-11-07 17:09 - 2015-11-07 17:09 - 00000000 ____D C:\Users\Huca\Downloads\The.Flash.2014.S02E05.HDTV.x264-LOL[ettv]
2015-11-07 16:24 - 2015-11-07 16:24 - 00000217 _____ C:\Users\Huca\Desktop\NGDS.URL
2015-11-07 11:40 - 2015-11-07 11:40 - 00000226 _____ C:\Users\Huca\Desktop\P@W - People at Work.URL
2015-11-07 11:29 - 2015-11-07 11:30 - 44838992 _____ (Google Inc.) C:\Users\Huca\Downloads\ChromeStandaloneSetup.exe
2015-11-06 20:20 - 2015-11-12 07:25 - 00002444 _____ C:\Users\Huca\Desktop\Google Chrome.lnk
2015-11-06 20:20 - 2015-11-06 20:20 - 00000000 ____D C:\Users\Huca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-06 20:19 - 2015-11-17 19:24 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286582242-1623890800-3632721733-1001UA.job
2015-11-06 20:19 - 2015-11-16 20:24 - 00000938 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1286582242-1623890800-3632721733-1001Core.job
2015-11-06 20:19 - 2015-11-06 20:20 - 00000000 ____D C:\Users\Huca\AppData\Local\Google
2015-11-06 20:18 - 2015-11-06 20:19 - 00929872 _____ (Google Inc.) C:\Users\Huca\Downloads\ChromeSetup.exe
2015-11-06 08:53 - 2015-11-06 08:53 - 00001320 _____ C:\Windows\IE11_main.log
2015-11-06 08:50 - 2015-11-06 08:50 - 00000675 _____ C:\Users\Huca\Downloads\IE11-Windows6.1-x86-cs-cz – zástupce.lnk
2015-11-05 20:05 - 2015-11-05 20:05 - 01015279 _____ C:\Users\Huca\Documents\4.pdf.oxps
2015-11-05 18:02 - 2015-11-05 19:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-11-02 23:05 - 2015-11-02 23:05 - 00489645 _____ C:\Users\Huca\Documents\mapy.png (2).oxps
2015-11-02 23:05 - 2015-11-02 23:05 - 00489642 _____ C:\Users\Huca\Documents\mapy.png (1).oxps
2015-11-02 23:04 - 2015-11-02 23:04 - 00489636 _____ C:\Users\Huca\Documents\mapy.png.oxps
2015-11-02 20:50 - 2015-11-02 20:50 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-11-02 20:50 - 2013-03-24 05:00 - 00317952 _____ (CANON INC.) C:\Windows\system32\CNMLMBX.DLL
2015-11-02 20:49 - 2013-02-04 15:10 - 00321536 _____ (CANON INC.) C:\Windows\system32\CNC_BXL.dll
2015-11-02 20:49 - 2012-11-09 10:43 - 00088064 _____ C:\Windows\system32\CNC176DD.TBL
2015-11-02 20:49 - 2012-11-08 13:03 - 00262656 _____ (CANON INC.) C:\Windows\system32\CNC_BXC.dll
2015-11-02 20:49 - 2012-11-08 13:02 - 00096768 _____ (CANON INC.) C:\Windows\system32\CNC_BXI.dll
2015-11-02 20:49 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\system32\CNHMCA.dll
2015-10-31 14:44 - 2015-10-31 14:47 - 00000000 ____D C:\Users\Huca\Downloads\Heroes.Reborn.S01E07.HDTV.x264-KILLERS[ettv]
2015-10-31 14:37 - 2015-10-31 14:38 - 00000000 ____D C:\Users\Huca\Downloads\Heroes.Reborn.S01E05.INTERNAL.HDTV.x264-KILLERS[ettv]
2015-10-31 14:36 - 2015-10-31 14:36 - 00038346 _____ C:\Users\Huca\Downloads\Heroes.Reborn.S01E07.HDTV.x264-KILLERS.srt
2015-10-30 15:35 - 2015-11-07 22:00 - 00004002 _____ C:\Users\Huca\Desktop\config.cfg
2015-10-30 15:35 - 2015-10-30 15:36 - 00001212 _____ C:\Users\Huca\Desktop\userconfig.cfg
2015-10-30 15:35 - 2015-10-30 15:35 - 00002659 _____ C:\Users\Huca\Downloads\config(7).rar
2015-10-30 13:20 - 2015-10-30 13:20 - 00059701 _____ C:\Users\Huca\Downloads\Arrow-04x04-Beyond-Redemption.LOL_.FUM_.DIMENSION.srt
2015-10-30 13:20 - 2015-10-30 13:20 - 00000000 ____D C:\Users\Huca\Downloads\Arrow.S04E04.HDTV.x264-LOL[ettv]
2015-10-30 11:03 - 2015-10-30 11:03 - 00049084 _____ C:\Users\Huca\Downloads\the.flash.2014.s02e04.hdtv.x264-killers.srt
2015-10-30 11:02 - 2015-10-30 11:06 - 00000000 ____D C:\Users\Huca\Downloads\The.Flash.2014.S02E04.HDTV.x264-KILLERS[ettv]
2015-10-30 10:56 - 2015-10-30 10:56 - 14689251 _____ C:\Users\Huca\Downloads\FailWH.dem
2015-10-29 22:46 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2015-10-29 22:46 - 2015-10-21 06:57 - 00558944 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-10-29 22:46 - 2015-10-21 06:55 - 00337760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-10-29 22:46 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManager.dll
2015-10-29 22:46 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-29 22:46 - 2015-10-21 06:15 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2015-10-29 22:46 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-29 22:46 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-10-29 22:46 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-10-29 22:46 - 2015-10-21 06:07 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2015-10-29 22:46 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-10-29 22:46 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-29 22:46 - 2015-10-21 06:03 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-10-29 22:46 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2015-10-29 22:46 - 2015-10-21 06:00 - 01917952 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-10-29 22:46 - 2015-10-21 06:00 - 00491008 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-10-29 22:46 - 2015-10-21 05:59 - 00546816 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2015-10-29 22:46 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2015-10-29 22:46 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2015-10-29 22:46 - 2015-10-21 05:56 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-10-29 22:46 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\dlnashext.dll
2015-10-29 22:46 - 2015-10-21 05:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2015-10-24 10:41 - 2015-10-24 10:41 - 00000000 ____D C:\Users\Huca\Downloads\Arrow.S04E03.HDTV.x264-LOL[ettv]
2015-10-24 10:39 - 2015-10-24 10:39 - 00043312 _____ C:\Users\Huca\Downloads\arrow.s04e03.hdtv.x264-lol.srt
2015-10-23 09:01 - 2015-10-23 09:01 - 00047518 _____ C:\Users\Huca\Downloads\the.flash.2014.s02e03.hdtv.x264-lol.srt
2015-10-23 09:00 - 2015-10-23 09:00 - 00000000 ____D C:\Users\Huca\Downloads\The.Flash.2014.S02E03.HDTV.x264-LOL[ettv]
2015-10-18 18:23 - 2015-10-18 18:23 - 11219141 _____ C:\Users\Huca\Downloads\blue_ct_red_tt_3.rar
2015-10-18 14:50 - 2015-10-18 14:50 - 05805519 _____ C:\Users\Huca\Downloads\HLTV_Models.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-17 19:22 - 2015-07-10 09:28 - 00000000 ____D C:\Windows\system32\sru
2015-11-17 19:14 - 2015-09-21 21:13 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-17 18:10 - 2015-09-23 10:14 - 00000000 ____D C:\Users\Huca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-11-17 12:39 - 2015-07-10 09:28 - 00000000 ____D C:\Windows\Microsoft.NET
2015-11-17 08:15 - 2015-07-10 09:28 - 00000000 ____D C:\Windows\AppReadiness
2015-11-16 20:17 - 2015-10-15 18:03 - 00000000 ____D C:\Users\Huca\AppData\Roaming\Skype
2015-11-15 18:16 - 2015-09-24 10:19 - 00000000 ____D C:\Users\Huca\AppData\Roaming\vlc
2015-11-15 09:19 - 2015-10-04 10:38 - 00000000 ____D C:\Users\Huca\AppData\Roaming\uTorrent
2015-11-11 08:09 - 2015-07-10 09:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-11 08:08 - 2015-09-21 20:41 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 08:04 - 2015-09-21 20:41 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-05 19:59 - 2015-09-21 14:08 - 01762290 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-05 19:58 - 2015-07-10 10:53 - 00009952 _____ C:\Windows\setupact.log
2015-11-05 19:21 - 2015-09-21 20:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-11-03 20:15 - 2015-09-21 14:07 - 00002359 _____ C:\Users\Huca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-03 20:15 - 2015-09-21 14:07 - 00000000 ___RD C:\Users\Huca\OneDrive
2015-11-03 19:20 - 2015-07-10 09:29 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-07-10 09:29 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-11-02 20:40 - 2015-07-10 09:28 - 00000000 ____D C:\Windows\rescache
2015-10-31 09:10 - 2015-09-21 13:58 - 00000275 _____ C:\Windows\WindowsUpdate.log
2015-10-31 09:09 - 2015-09-21 14:08 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-31 09:09 - 2015-07-10 10:55 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-31 09:08 - 2015-07-10 07:59 - 00131072 ___SH C:\Windows\system32\config\BBI
2015-10-30 20:35 - 2015-09-21 13:52 - 00003422 _____ C:\Windows\PFRO.log
2015-10-30 20:33 - 2015-07-10 09:28 - 00000000 ____D C:\Windows\system32\appraiser

Some files in TEMP:
====================
C:\Users\Huca\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Huca\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-17 12:39

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malware, trojan

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan<, then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Hucanek
Visitor
Posts: 26
Registered: 02 Apr 2008 17:27

Re: Malware, trojan

#3 Post by Hucanek »

# AdwCleaner v5.021 - Logfile created 17/11/2015 at 21:10:05
# Updated 14/11/2015 by Xplode
# Database : 2015-11-13.3 [Server]
# Operating system : Windows 10 Pro (x86)
# Username : Huca - DESKTOP-BLMH0B0
# Running from : C:\Users\Huca\Desktop\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Huca\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Huca\AppData\Roaming\RPEng

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [783 bytes] ##########

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malware, trojan

#4 Post by Rudy »

Hello!
Post a new RSIT log.

Hucanek
Visitor
Posts: 26
Registered: 02 Apr 2008 17:27

Re: Malware, trojan

#5 Post by Hucanek »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Huca at 2015-11-17 21:20:18
Microsoft Windows 10 Pro
System drive C: has 51 GB (65%) free of 80 GB
Total RAM: 2047 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:20:28, on 17.11.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\sihost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Users\Huca\Downloads\RSIT.exe
C:\Program Files\trend micro\Huca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5016 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286582242-1623890800-3632721733-1001Core.job - C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286582242-1623890800-3632721733-1001UA.job - C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Huca\AppData\Roaming\Mozilla\Firefox\Profiles\4a6lmh2l.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=E:\Softwares\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2015-08-27 1423120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-03 548552]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-09-27 57981568]
"Google Update"=C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-06 144200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-17 21:06:02 ----D---- C:\AdwCleaner
2015-11-17 19:55:52 ----D---- C:\rsit
2015-11-17 19:55:52 ----D---- C:\Program Files\trend micro
2015-11-17 19:51:27 ----D---- C:\FRST
2015-11-11 07:33:20 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2015-11-11 07:33:20 ----A---- C:\Windows\system32\Windows.Media.dll
2015-11-11 07:33:20 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2015-11-11 07:33:19 ----A---- C:\Windows\system32\MFMediaEngine.dll
2015-11-11 07:33:18 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-11 07:33:17 ----A---- C:\Windows\system32\esent.dll
2015-11-11 07:33:17 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2015-11-11 07:33:16 ----A---- C:\Windows\system32\mshtml.dll
2015-11-11 07:33:14 ----A---- C:\Windows\system32\edgehtml.dll
2015-11-11 07:33:13 ----A---- C:\Windows\system32\dlnashext.dll
2015-11-11 07:33:11 ----A---- C:\Windows\system32\urlmon.dll
2015-11-11 07:33:11 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-11-11 07:33:11 ----A---- C:\Windows\system32\iertutil.dll
2015-11-11 07:33:11 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-11 07:33:11 ----A---- C:\Windows\system32\drivers\netio.sys
2015-11-11 07:33:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-11 07:33:09 ----A---- C:\Windows\system32\winlogon.exe
2015-11-11 07:33:09 ----A---- C:\Windows\system32\ieframe.dll
2015-11-11 07:33:09 ----A---- C:\Windows\system32\browserbroker.dll
2015-11-11 07:33:09 ----A---- C:\Windows\system32\audiosrv.dll
2015-11-11 07:33:08 ----A---- C:\Windows\system32\LicenseManager.dll
2015-11-11 07:33:08 ----A---- C:\Windows\system32\appraiser.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\Windows.UI.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\Windows.Devices.Usb.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\win32kfull.sys
2015-11-11 07:33:07 ----A---- C:\Windows\system32\usermgr.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\RDXService.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\kerberos.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\internetmail.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\dssvc.dll
2015-11-11 07:33:06 ----A---- C:\Windows\system32\win32kbase.sys
2015-11-11 07:33:06 ----A---- C:\Windows\system32\twinapi.appcore.dll
2015-11-11 07:33:05 ----A---- C:\Windows\system32\jscript.dll
2015-11-11 07:33:05 ----A---- C:\Windows\system32\fontdrvhost.exe
2015-11-11 07:33:05 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-11-05 18:02:31 ----D---- C:\Program Files\Mozilla Firefox
2015-11-02 20:50:57 ----HD---- C:\ProgramData\CanonBJ
2015-11-02 20:50:48 ----A---- C:\Windows\system32\CNMLMBX.DLL
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNHMCA.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXL.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXI.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXC.dll

======List of files/folders modified in the last 1 month======

2015-11-17 21:20:10 ----D---- C:\Windows\Prefetch
2015-11-17 21:17:23 ----D---- C:\Windows\System32
2015-11-17 21:17:23 ----D---- C:\Windows\INF
2015-11-17 21:17:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-17 21:13:58 ----D---- C:\Windows\system32\config
2015-11-17 21:13:57 ----D---- C:\Windows\CbsTemp
2015-11-17 21:13:18 ----D---- C:\Windows\Temp
2015-11-17 21:13:13 ----D---- C:\Windows\Microsoft.NET
2015-11-17 21:13:12 ----D---- C:\Windows\WinSxS
2015-11-17 21:12:54 ----D---- C:\ProgramData\NVIDIA
2015-11-17 21:12:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-11-17 21:11:56 ----D---- C:\Windows\system32\sru
2015-11-17 21:11:19 ----D---- C:\Windows\system32\cs-CZ
2015-11-17 21:11:19 ----D---- C:\Windows\system32\appraiser
2015-11-17 21:11:19 ----D---- C:\Windows\apppatch
2015-11-17 21:11:18 ----D---- C:\Windows\system32\drivers
2015-11-17 21:11:17 ----D---- C:\Windows\system32\DriverStore
2015-11-17 19:55:52 ----RD---- C:\Program Files
2015-11-17 19:51:35 ----D---- C:\Windows
2015-11-17 08:15:03 ----HD---- C:\Program Files\WindowsApps
2015-11-17 08:15:03 ----D---- C:\Windows\AppReadiness
2015-11-16 20:17:32 ----D---- C:\Users\Huca\AppData\Roaming\Skype
2015-11-15 18:16:26 ----D---- C:\Users\Huca\AppData\Roaming\vlc
2015-11-15 09:19:35 ----D---- C:\Users\Huca\AppData\Roaming\uTorrent
2015-11-11 08:08:40 ----D---- C:\Windows\system32\MRT
2015-11-11 08:04:28 ----A---- C:\Windows\system32\MRT.exe
2015-11-11 07:32:09 ----D---- C:\Windows\system32\catroot2
2015-11-06 20:19:58 ----D---- C:\Windows\Tasks
2015-11-06 20:19:58 ----D---- C:\Windows\system32\Tasks
2015-11-03 19:20:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-11-02 20:50:57 ----HD---- C:\ProgramData
2015-11-02 20:49:26 ----D---- C:\Windows\debug
2015-11-02 20:40:43 ----D---- C:\Windows\rescache
2015-11-02 20:22:05 ----SD---- C:\Users\Huca\AppData\Roaming\Microsoft
2015-10-31 11:59:39 ----RD---- C:\Windows\assembly
2015-10-30 20:36:13 ----SHD---- C:\Boot
2015-10-30 20:33:54 ----D---- C:\Windows\system32\migration
2015-10-30 20:33:54 ----D---- C:\Windows\system32\Boot
2015-10-30 20:33:53 ----D---- C:\Windows\system32\CodeIntegrity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;@oem6.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-09-21 242240]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 74240]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-07-10 7680]
R1 MpKsl58040950;MpKsl58040950; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{360C40BA-41AD-4945-98C4-7F9E41C26C10}\MpKsl58040950.sys [2015-11-17 39168]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\System32\drivers\vwififlt.sys [2015-07-10 61952]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 37376]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 52736]
R3 AtcL001;@netl160x.inf,%AtcL001.Service.DispName%;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\System32\drivers\l160x86.sys [2015-07-10 55808]
R3 MTsensor;@oem5.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2015-09-21 5810]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-18 10704560]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 18552]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2015-08-11 44840]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 83296]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 51040]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 33632]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 26112]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 96768]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 24064]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2015-07-10 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 37728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2015-07-10 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 23040]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 45056]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-07-14 32768]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 31744]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 190816]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 73568]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 100704]
S3 UrsCx01000;USB Role-Switch Support Library; C:\Windows\system32\drivers\urscx01000.sys [2015-07-10 42848]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\Windows\System32\drivers\urschipidea.sys [2015-07-10 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\Windows\System32\drivers\urssynopsys.sys [2015-07-10 21856]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-07-10 37888]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\Windows\System32\drivers\usbser.sys [2015-07-24 48128]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\Windows\System32\drivers\vhf.sys [2015-07-10 24064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 35176]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 921208]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 4305016]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 670512]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 23040]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-05-29 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-05 147624]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 41864]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-07-12 669696]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 UserDataSvc_Session1;Přístup k uživatelským datům_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 vmicvmsession;@%systemroot%\system32\icsvc.dll,-901; C:\Windows\system32\svchost.exe [2015-07-10 35176]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malware, trojan

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286582242-1623890800-3632721733-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1286582242-1623890800-3632721733-1001UA.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Hucanek
Visitor
Posts: 26
Registered: 02 Apr 2008 17:27

Re: Malware, trojan

#7 Post by Hucanek »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Huca at 2015-11-17 21:37:48
Microsoft Windows 10 Pro
System drive C: has 52 GB (65%) free of 80 GB
Total RAM: 2047 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:38:02, on 17.11.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\sihost.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\notepad.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Huca\Downloads\RSIT.exe
C:\Program Files\trend micro\Huca.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 5017 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Huca\AppData\Roaming\Mozilla\Firefox\Profiles\4a6lmh2l.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.245 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1220162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=E:\Softwares\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-08-27 2634872]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2015-08-27 1423120]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Huca\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-03 548552]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2015-09-27 57981568]
"Google Update"=C:\Users\Huca\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-06 144200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-17 21:32:21 ----D---- C:\_OTM
2015-11-17 21:06:02 ----D---- C:\AdwCleaner
2015-11-17 19:55:52 ----D---- C:\rsit
2015-11-17 19:55:52 ----D---- C:\Program Files\trend micro
2015-11-17 19:51:27 ----D---- C:\FRST
2015-11-11 07:33:20 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2015-11-11 07:33:20 ----A---- C:\Windows\system32\Windows.Media.dll
2015-11-11 07:33:20 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2015-11-11 07:33:19 ----A---- C:\Windows\system32\MFMediaEngine.dll
2015-11-11 07:33:18 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-11 07:33:17 ----A---- C:\Windows\system32\esent.dll
2015-11-11 07:33:17 ----A---- C:\Windows\system32\AppXDeploymentExtensions.dll
2015-11-11 07:33:16 ----A---- C:\Windows\system32\mshtml.dll
2015-11-11 07:33:14 ----A---- C:\Windows\system32\edgehtml.dll
2015-11-11 07:33:13 ----A---- C:\Windows\system32\dlnashext.dll
2015-11-11 07:33:11 ----A---- C:\Windows\system32\urlmon.dll
2015-11-11 07:33:11 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-11-11 07:33:11 ----A---- C:\Windows\system32\iertutil.dll
2015-11-11 07:33:11 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-11 07:33:11 ----A---- C:\Windows\system32\drivers\netio.sys
2015-11-11 07:33:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-11 07:33:09 ----A---- C:\Windows\system32\winlogon.exe
2015-11-11 07:33:09 ----A---- C:\Windows\system32\ieframe.dll
2015-11-11 07:33:09 ----A---- C:\Windows\system32\browserbroker.dll
2015-11-11 07:33:09 ----A---- C:\Windows\system32\audiosrv.dll
2015-11-11 07:33:08 ----A---- C:\Windows\system32\LicenseManager.dll
2015-11-11 07:33:08 ----A---- C:\Windows\system32\appraiser.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\Windows.UI.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\Windows.Devices.Usb.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\win32kfull.sys
2015-11-11 07:33:07 ----A---- C:\Windows\system32\usermgr.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\RDXService.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\kerberos.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\internetmail.dll
2015-11-11 07:33:07 ----A---- C:\Windows\system32\dssvc.dll
2015-11-11 07:33:06 ----A---- C:\Windows\system32\win32kbase.sys
2015-11-11 07:33:06 ----A---- C:\Windows\system32\twinapi.appcore.dll
2015-11-11 07:33:05 ----A---- C:\Windows\system32\jscript.dll
2015-11-11 07:33:05 ----A---- C:\Windows\system32\fontdrvhost.exe
2015-11-11 07:33:05 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-11-05 18:02:31 ----D---- C:\Program Files\Mozilla Firefox
2015-11-02 20:50:57 ----HD---- C:\ProgramData\CanonBJ
2015-11-02 20:50:48 ----A---- C:\Windows\system32\CNMLMBX.DLL
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNHMCA.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXL.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXI.dll
2015-11-02 20:49:53 ----A---- C:\Windows\system32\CNC_BXC.dll

======List of files/folders modified in the last 1 month======

2015-11-17 21:37:38 ----D---- C:\Windows\Prefetch
2015-11-17 21:37:14 ----D---- C:\Windows\Temp
2015-11-17 21:37:01 ----D---- C:\Windows\System32
2015-11-17 21:36:41 ----D---- C:\ProgramData\NVIDIA
2015-11-17 21:36:02 ----D---- C:\Windows\system32\sru
2015-11-17 21:32:25 ----D---- C:\Windows\Tasks
2015-11-17 21:30:52 ----D---- C:\Windows\Microsoft.NET
2015-11-17 21:23:37 ----D---- C:\Windows\system32\config
2015-11-17 21:17:23 ----D---- C:\Windows\INF
2015-11-17 21:17:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-17 21:14:22 ----D---- C:\Windows\CbsTemp
2015-11-17 21:13:12 ----D---- C:\Windows\WinSxS
2015-11-17 21:12:26 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-11-17 21:11:19 ----D---- C:\Windows\system32\cs-CZ
2015-11-17 21:11:19 ----D---- C:\Windows\system32\appraiser
2015-11-17 21:11:19 ----D---- C:\Windows\apppatch
2015-11-17 21:11:18 ----D---- C:\Windows\system32\drivers
2015-11-17 21:11:17 ----D---- C:\Windows\system32\DriverStore
2015-11-17 19:55:52 ----RD---- C:\Program Files
2015-11-17 19:51:35 ----D---- C:\Windows
2015-11-17 08:15:03 ----HD---- C:\Program Files\WindowsApps
2015-11-17 08:15:03 ----D---- C:\Windows\AppReadiness
2015-11-16 20:17:32 ----D---- C:\Users\Huca\AppData\Roaming\Skype
2015-11-15 18:16:26 ----D---- C:\Users\Huca\AppData\Roaming\vlc
2015-11-15 09:19:35 ----D---- C:\Users\Huca\AppData\Roaming\uTorrent
2015-11-11 08:08:40 ----D---- C:\Windows\system32\MRT
2015-11-11 08:04:28 ----A---- C:\Windows\system32\MRT.exe
2015-11-11 07:32:09 ----D---- C:\Windows\system32\catroot2
2015-11-06 20:19:58 ----D---- C:\Windows\system32\Tasks
2015-11-03 19:20:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-11-02 20:50:57 ----HD---- C:\ProgramData
2015-11-02 20:49:26 ----D---- C:\Windows\debug
2015-11-02 20:40:43 ----D---- C:\Windows\rescache
2015-11-02 20:22:05 ----SD---- C:\Users\Huca\AppData\Roaming\Microsoft
2015-10-31 11:59:39 ----RD---- C:\Windows\assembly
2015-10-30 20:36:13 ----SHD---- C:\Boot
2015-10-30 20:33:54 ----D---- C:\Windows\system32\migration
2015-10-30 20:33:54 ----D---- C:\Windows\system32\Boot
2015-10-30 20:33:53 ----D---- C:\Windows\system32\CodeIntegrity

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 dtsoftbus01;@oem6.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-09-21 242240]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2015-07-10 74240]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-07-10 7680]
R1 MpKsl1b3b60b5;MpKsl1b3b60b5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{360C40BA-41AD-4945-98C4-7F9E41C26C10}\MpKsl1b3b60b5.sys [2015-11-17 39168]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\System32\drivers\vwififlt.sys [2015-07-10 61952]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-07-10 37376]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-07-10 52736]
R3 AtcL001;@netl160x.inf,%AtcL001.Service.DispName%;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\System32\drivers\l160x86.sys [2015-07-10 55808]
R3 MTsensor;@oem5.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2015-09-21 5810]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2015-08-18 10704560]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-08-27 18552]
R3 nvvad_WaveExtensible;@oem7.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2015-08-11 44840]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-07-10 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-07-10 83296]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-07-10 51040]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-07-10 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-07-10 33632]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-09-17 26112]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2015-07-10 96768]
S3 fcvsc;fcvsc; C:\Windows\System32\drivers\fcvsc.sys [2015-07-10 24064]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-07-10 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpio.sys [2015-07-10 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-07-10 37728]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\Windows\System32\drivers\iaioi2c.sys [2015-07-10 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-07-10 23040]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\Windows\System32\Drivers\UcmCx.sys [2015-07-10 45056]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\Windows\System32\drivers\UcmUcsi.sys [2015-07-14 32768]
S3 UdeCx;USB Device Emulation Support Library; C:\Windows\system32\drivers\udecx.sys [2015-07-10 31744]
S3 Ufx01000;USB Function Class Extension; C:\Windows\system32\drivers\ufx01000.sys [2015-07-10 190816]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\Windows\System32\drivers\UfxChipidea.sys [2015-07-10 73568]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\Windows\System32\drivers\ufxsynopsys.sys [2015-07-10 100704]
S3 UrsCx01000;USB Role-Switch Support Library; C:\Windows\system32\drivers\urscx01000.sys [2015-07-10 42848]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\Windows\System32\drivers\urschipidea.sys [2015-07-10 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\Windows\System32\drivers\urssynopsys.sys [2015-07-10 21856]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2015-07-10 37888]
S3 usbser;@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver; C:\Windows\System32\drivers\usbser.sys [2015-07-24 48128]
S3 vhf;@%SystemRoot%\system32\drivers\vhf.sys,-100; C:\Windows\System32\drivers\vhf.sys [2015-07-10 24064]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 35176]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-08-27 921208]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-08-27 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-08-27 4305016]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-08-18 670512]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-08-17 409776]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R2 UserManager;@%systemroot%\system32\usermgr.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
R3 UsoSvc;@%systemroot%\system32\usocore.dll,-102; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 23040]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-05-29 43696]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-05 147624]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\lsass.exe [2015-07-10 41864]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2015-07-12 669696]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\Windows\System32\svchost.exe [2015-07-10 35176]
S3 UserDataSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-14001; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 UserDataSvc_Session1;Přístup k uživatelským datům_Session1; C:\Windows\system32\svchost.exe [2015-07-10 35176]
S3 vmicvmsession;@%systemroot%\system32\icsvc.dll,-901; C:\Windows\system32\svchost.exe [2015-07-10 35176]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malware, trojan

#8 Post by Rudy »

Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Hucanek
Visitor
Posts: 26
Registered: 02 Apr 2008 17:27

Re: Malware, trojan

#9 Post by Hucanek »

Hello,
first of all I want to thank you for your time. At first Win Defender kept showing that it was still deleting malware; after OTM and CleanUp the Start menu at the bottom of the taskbar won't open, and clicking the clock on the right doesn't work either, etc. I guess I will have to reinstall the system.
Have a nice day.

Rudy
Site Admin
Posts: 119673
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Malware, trojan

#10 Post by Rudy »

That is a flaw of Windows 10; no other Windows OS does this, even though we delete the same items. We don't know why yet. Try a system restore to a date when it was working correctly.