Prosím o pomoc , viz předmět
Naskauje mi stále i hláška "tato stránka zpomaluje váš prohlížeč..." u různých stránek to dělá....
--------------------------------------------------------------------------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2017-02-26 07:52:48
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 36 GB (32%) free of 114 GB
Total RAM: 3072 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:53:00, on 26.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\volumouse\volumouse32.exe
C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE
C:\ProgramData\Boxtools\Toolbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AtomTime] "C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKCU\..\Run: [Voobly] "C:\Program Files (x86)\Voobly\voobly.exe" --startup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9100 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
"C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe"
"C:\Program Files (x86)\volumouse\volumouse32.exe" /loadvlm 65854 "C:\Users\Admin\AppData\Local\Volumouse\volumouse.cfg"
"C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
"C:\ProgramData\Boxtools\Toolbox.exe" -autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2592
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="3404.0.866103830\723129648" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 3404 "\\.\pipe\gecko-crash-server-pipe.3404" tab
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 4080
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\AUDIODG.EXE 0x798
"D:\Dokumenty\_Stažené soubory\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 856 860 868 65536 864
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\extensions\
artur.dubovoy@gmail.com
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29 553024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29 214080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"=C:\Program Files (x86)\volumouse\volumouse.exe [2011-06-21 88576]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2015-10-26 514048]
"Voobly"=C:\Program Files (x86)\Voobly\voobly.exe [2016-05-08 159744]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-05-09 4177784]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-12-09 2876704]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AtomTime"=C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE [2004-12-03 396316]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-10-03 58584]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-10-27 50448]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-29 596504]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=1
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-02-26 07:52:49 ----D---- C:\Program Files\trend micro
2017-02-26 07:52:48 ----D---- C:\rsit
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispgenco6434201.dll
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispco6434201.dll
2017-02-25 19:32:40 ----D---- C:\NVIDIA
2017-02-07 21:54:00 ----D---- C:\Users\Admin\AppData\Roaming\InstallShield
2017-01-29 01:46:01 ----A---- C:\Windows\system32\d3dcsx_42.dll
2017-01-29 01:45:01 ----A---- C:\Windows\system32\d3dx11_42.dll
2017-01-29 01:33:29 ----A---- C:\Windows\system32\XAudio2_4.dll
2017-01-29 01:31:14 ----A---- C:\Windows\system32\xactengine3_4.dll
2017-01-29 01:30:07 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2017-01-29 01:23:33 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2017-01-29 01:23:32 ----A---- C:\Windows\system32\XAudio2_3.dll
2017-01-29 01:23:01 ----A---- C:\Windows\system32\xactengine3_3.dll
2017-01-29 01:22:35 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2017-01-29 01:18:26 ----A---- C:\Windows\system32\d3dx10_39.dll
2017-01-29 01:17:30 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2017-01-29 01:13:39 ----A---- C:\Windows\system32\XAudio2_1.dll
2017-01-29 01:12:58 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2017-01-29 01:12:08 ----A---- C:\Windows\system32\xactengine3_1.dll
2017-01-29 01:11:17 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2017-01-29 01:09:21 ----A---- C:\Windows\system32\d3dx10_38.dll
2017-01-29 01:08:24 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2017-01-29 01:03:49 ----A---- C:\Windows\system32\xactengine3_0.dll
2017-01-29 00:55:41 ----A---- C:\Windows\system32\d3dx10_36.dll
2017-01-29 00:54:43 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2017-01-29 00:51:11 ----A---- C:\Windows\system32\d3dx9_36.dll
2017-01-29 00:48:34 ----A---- C:\Windows\system32\d3dx10_35.dll
2017-01-29 00:47:43 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2017-01-29 00:44:17 ----A---- C:\Windows\system32\d3dx9_35.dll
2017-01-29 00:41:46 ----A---- C:\Windows\system32\d3dx10_34.dll
2017-01-29 00:41:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2017-01-29 00:38:20 ----A---- C:\Windows\system32\d3dx9_34.dll
2017-01-29 00:34:10 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2017-01-29 00:27:53 ----A---- C:\Windows\system32\d3dx10.dll
2017-01-29 00:25:15 ----A---- C:\Windows\system32\d3dx9_32.dll
2017-01-29 00:24:12 ----A---- C:\Windows\system32\xactengine2_4.dll
2017-01-29 00:21:09 ----A---- C:\Windows\system32\d3dx9_31.dll
2017-01-29 00:20:08 ----A---- C:\Windows\system32\xinput1_2.dll
2017-01-29 00:05:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\x3daudio1_0.dll
2017-01-29 00:03:04 ----A---- C:\Windows\system32\d3dx9_29.dll
2017-01-29 00:02:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2017-01-29 00:00:52 ----A---- C:\Windows\system32\d3dx9_27.dll
2017-01-28 23:59:42 ----A---- C:\Windows\system32\d3dx9_26.dll
2017-01-28 23:57:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2017-01-28 23:41:27 ----D---- C:\Program Files (x86)\Ubisoft
2017-01-27 20:36:07 ----D---- C:\Windows\SYSWOW64\directx
======List of files/folders modified in the last 1 month======
2017-02-26 07:52:49 ----RD---- C:\Program Files
2017-02-26 03:44:08 ----D---- C:\Windows\system32\config
2017-02-26 01:00:31 ----D---- C:\Windows\temp
2017-02-25 22:17:04 ----D---- C:\Windows\System32
2017-02-25 22:17:04 ----D---- C:\Windows\inf
2017-02-25 22:17:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-25 20:28:59 ----D---- C:\Program Files (x86)\Steam
2017-02-25 20:26:39 ----D---- C:\Windows
2017-02-25 20:25:30 ----D---- C:\ProgramData\NVIDIA
2017-02-25 20:03:43 ----D---- C:\Windows\SysWOW64
2017-02-25 20:03:33 ----D---- C:\Windows\system32\drivers
2017-02-25 20:03:32 ----D---- C:\Program Files\NVIDIA Corporation
2017-02-25 20:03:18 ----D---- C:\Windows\system32\DriverStore
2017-02-25 20:02:54 ----A---- C:\Windows\system32\NvIFR64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\NvFBC64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvcompiler.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvapi64.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-02-25 20:02:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvdispco6434144.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvcuvid.dll
2017-02-25 20:02:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvoglv64.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvdispgenco6434144.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-02-25 20:02:47 ----A---- C:\Windows\system32\nvcuda.dll
2017-02-25 20:02:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-02-25 20:00:27 ----D---- C:\Windows\system32\catroot2
2017-02-25 19:59:31 ----A---- C:\Windows\system32\nvvsvc.exe
2017-02-25 19:57:56 ----D---- C:\Temp
2017-02-25 19:56:19 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2017-02-25 19:56:19 ----A---- C:\Windows\system32\OpenCL.dll
2017-02-25 19:55:02 ----D---- C:\ProgramData\Package Cache
2017-02-25 19:54:57 ----SHD---- C:\System Volume Information
2017-02-25 19:33:36 ----D---- C:\Users\Admin\AppData\Roaming\Raptr
2017-02-25 19:30:29 ----D---- C:\Program Files\TrueKey
2017-02-25 19:16:35 ----D---- C:\Windows\system32\MRT
2017-02-25 19:16:27 ----AC---- C:\Windows\system32\MRT.exe
2017-02-24 23:06:07 ----D---- C:\Users\Admin\AppData\Roaming\Vso
2017-02-22 06:05:49 ----SHD---- C:\Windows\Installer
2017-02-22 06:03:46 ----D---- C:\Program Files (x86)\McAfee
2017-02-19 05:28:41 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2017-02-15 05:01:54 ----D---- C:\Users\Admin\AppData\Roaming\AIMP3
2017-02-14 16:02:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-02-14 15:58:59 ----D---- C:\Windows\system32\Macromed
2017-02-14 15:57:58 ----D---- C:\Windows\SYSWOW64\Macromed
2017-02-07 22:41:38 ----RSD---- C:\Windows\assembly
2017-02-07 22:40:40 ----D---- C:\Windows\Logs
2017-02-07 22:08:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-02 19:29:42 ----D---- C:\Program Files\McAfee Security Scan
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-29 01:57:07 ----D---- C:\Windows\winsxs
2017-01-28 23:41:27 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2015/07/23 10:01:38]; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-11-16 148976]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-12-08 75248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-05-09 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-05-09 47672]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1309696]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-05-08 868848]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2015-07-23 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2015-07-23 9160]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2015-07-23 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-07-24 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-13 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-27 5817256]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2013-10-28 429056]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2017-02-25 932728]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-02-22 996824]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-02-22 16248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2015-07-23 2292480]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-05-09 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-15 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-15 125112]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-27 2271928]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-12-14 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [2017-02-02 329480]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-09 1467168]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-02-22 86864]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-15 51384]
S4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-12-08 83240]
S4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-12-07 75048]
S4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-12-07 292136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé prohlížeče, sem tam nové okno
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé prohlížeče, sem tam nové okno
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé prohlížeče, sem tam nové okno
# AdwCleaner v6.043 - Log vytvořen 26/02/2017 v 12:50:36
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-02-24.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Admin - PENTIUM
# Spuštěno z : D:\Dokumenty\_Stažené soubory\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Admin\AppData\Roaming\RPEng
***** [ Soubory ] *****
[-] Soubor smazán: C:\END
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč smazán: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán: HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1828 Bajty] - [26/02/2017 12:50:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [2159 Bajty] - [26/02/2017 12:49:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1974 Bajty] ##########
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-02-24.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : Admin - PENTIUM
# Spuštěno z : D:\Dokumenty\_Stažené soubory\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Admin\AppData\Roaming\RPEng
***** [ Soubory ] *****
[-] Soubor smazán: C:\END
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč smazán: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán: HKU\S-1-5-21-3779098215-2951374784-2259018695-1000\Software\Conduit
[#] Klíč smazán po restartu: HKCU\Software\Conduit
[#] Klíč smazán po restartu: [x64] HKCU\Software\Conduit
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1828 Bajty] - [26/02/2017 12:50:36]
C:\AdwCleaner\AdwCleaner[S0].txt - [2159 Bajty] - [26/02/2017 12:49:15]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1974 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé prohlížeče, sem tam nové okno
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé prohlížeče, sem tam nové okno
Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2017-02-26 13:15:34
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 36 GB (32%) free of 114 GB
Total RAM: 3072 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:15:39, on 26.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\volumouse\volumouse32.exe
C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE
C:\ProgramData\Boxtools\Toolbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AtomTime] "C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKCU\..\Run: [Voobly] "C:\Program Files (x86)\Voobly\voobly.exe" --startup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8997 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x420
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1848
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
"C:\Program Files (x86)\volumouse\volumouse32.exe" /loadvlm 65876 "C:\Users\Admin\AppData\Local\Volumouse\volumouse.cfg"
"C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe"
"C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
"C:\ProgramData\Boxtools\Toolbox.exe" -autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 2992
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe" -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMerger -Embedding
"C:\Windows\system32\SearchFilterHost.exe" 0 856 860 868 65536 864
"D:\Dokumenty\_Stažené soubory\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\extensions\
artur.dubovoy@gmail.com
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29 553024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29 214080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"=C:\Program Files (x86)\volumouse\volumouse.exe [2011-06-21 88576]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2015-10-26 514048]
"Voobly"=C:\Program Files (x86)\Voobly\voobly.exe [2016-05-08 159744]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-05-09 4177784]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-12-09 2876704]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AtomTime"=C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE [2004-12-03 396316]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-10-03 58584]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-10-27 50448]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-29 596504]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=1
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-02-26 12:45:44 ----D---- C:\AdwCleaner
2017-02-26 07:52:49 ----D---- C:\Program Files\trend micro
2017-02-26 07:52:48 ----D---- C:\rsit
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispgenco6434201.dll
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispco6434201.dll
2017-02-25 19:32:40 ----D---- C:\NVIDIA
2017-02-07 21:54:00 ----D---- C:\Users\Admin\AppData\Roaming\InstallShield
2017-01-29 01:46:01 ----A---- C:\Windows\system32\d3dcsx_42.dll
2017-01-29 01:45:01 ----A---- C:\Windows\system32\d3dx11_42.dll
2017-01-29 01:33:29 ----A---- C:\Windows\system32\XAudio2_4.dll
2017-01-29 01:31:14 ----A---- C:\Windows\system32\xactengine3_4.dll
2017-01-29 01:30:07 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2017-01-29 01:23:33 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2017-01-29 01:23:32 ----A---- C:\Windows\system32\XAudio2_3.dll
2017-01-29 01:23:01 ----A---- C:\Windows\system32\xactengine3_3.dll
2017-01-29 01:22:35 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2017-01-29 01:18:26 ----A---- C:\Windows\system32\d3dx10_39.dll
2017-01-29 01:17:30 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2017-01-29 01:13:39 ----A---- C:\Windows\system32\XAudio2_1.dll
2017-01-29 01:12:58 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2017-01-29 01:12:08 ----A---- C:\Windows\system32\xactengine3_1.dll
2017-01-29 01:11:17 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2017-01-29 01:09:21 ----A---- C:\Windows\system32\d3dx10_38.dll
2017-01-29 01:08:24 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2017-01-29 01:03:49 ----A---- C:\Windows\system32\xactengine3_0.dll
2017-01-29 00:55:41 ----A---- C:\Windows\system32\d3dx10_36.dll
2017-01-29 00:54:43 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2017-01-29 00:51:11 ----A---- C:\Windows\system32\d3dx9_36.dll
2017-01-29 00:48:34 ----A---- C:\Windows\system32\d3dx10_35.dll
2017-01-29 00:47:43 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2017-01-29 00:44:17 ----A---- C:\Windows\system32\d3dx9_35.dll
2017-01-29 00:41:46 ----A---- C:\Windows\system32\d3dx10_34.dll
2017-01-29 00:41:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2017-01-29 00:38:20 ----A---- C:\Windows\system32\d3dx9_34.dll
2017-01-29 00:34:10 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2017-01-29 00:27:53 ----A---- C:\Windows\system32\d3dx10.dll
2017-01-29 00:25:15 ----A---- C:\Windows\system32\d3dx9_32.dll
2017-01-29 00:24:12 ----A---- C:\Windows\system32\xactengine2_4.dll
2017-01-29 00:21:09 ----A---- C:\Windows\system32\d3dx9_31.dll
2017-01-29 00:20:08 ----A---- C:\Windows\system32\xinput1_2.dll
2017-01-29 00:05:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\x3daudio1_0.dll
2017-01-29 00:03:04 ----A---- C:\Windows\system32\d3dx9_29.dll
2017-01-29 00:02:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2017-01-29 00:00:52 ----A---- C:\Windows\system32\d3dx9_27.dll
2017-01-28 23:59:42 ----A---- C:\Windows\system32\d3dx9_26.dll
2017-01-28 23:57:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2017-01-28 23:41:27 ----D---- C:\Program Files (x86)\Ubisoft
2017-01-27 20:36:07 ----D---- C:\Windows\SYSWOW64\directx
======List of files/folders modified in the last 1 month======
2017-02-26 12:54:45 ----D---- C:\Users\Admin\AppData\Roaming\Raptr
2017-02-26 12:51:51 ----D---- C:\Program Files (x86)\Steam
2017-02-26 12:50:46 ----D---- C:\Windows\system32\config
2017-02-26 07:52:49 ----RD---- C:\Program Files
2017-02-26 01:00:31 ----D---- C:\Windows\temp
2017-02-25 22:17:04 ----D---- C:\Windows\System32
2017-02-25 22:17:04 ----D---- C:\Windows\inf
2017-02-25 22:17:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-25 20:26:39 ----D---- C:\Windows
2017-02-25 20:25:30 ----D---- C:\ProgramData\NVIDIA
2017-02-25 20:03:43 ----D---- C:\Windows\SysWOW64
2017-02-25 20:03:33 ----D---- C:\Windows\system32\drivers
2017-02-25 20:03:32 ----D---- C:\Program Files\NVIDIA Corporation
2017-02-25 20:03:18 ----D---- C:\Windows\system32\DriverStore
2017-02-25 20:02:54 ----A---- C:\Windows\system32\NvIFR64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\NvFBC64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvcompiler.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvapi64.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-02-25 20:02:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvdispco6434144.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvcuvid.dll
2017-02-25 20:02:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvoglv64.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvdispgenco6434144.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-02-25 20:02:47 ----A---- C:\Windows\system32\nvcuda.dll
2017-02-25 20:02:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-02-25 20:00:27 ----D---- C:\Windows\system32\catroot2
2017-02-25 19:59:51 ----D---- C:\Temp
2017-02-25 19:59:31 ----A---- C:\Windows\system32\nvvsvc.exe
2017-02-25 19:56:19 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2017-02-25 19:56:19 ----A---- C:\Windows\system32\OpenCL.dll
2017-02-25 19:55:02 ----D---- C:\ProgramData\Package Cache
2017-02-25 19:54:57 ----SHD---- C:\System Volume Information
2017-02-25 19:30:59 ----D---- C:\Program Files (x86)\McAfee
2017-02-25 19:30:29 ----D---- C:\Program Files\TrueKey
2017-02-25 19:21:09 ----D---- C:\Windows\system32\MRT
2017-02-25 19:16:27 ----AC---- C:\Windows\system32\MRT.exe
2017-02-25 04:47:45 ----D---- C:\Users\Admin\AppData\Roaming\Vso
2017-02-22 06:05:49 ----SHD---- C:\Windows\Installer
2017-02-19 05:28:41 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2017-02-15 05:01:54 ----D---- C:\Users\Admin\AppData\Roaming\AIMP3
2017-02-14 16:02:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-02-14 15:58:59 ----D---- C:\Windows\system32\Macromed
2017-02-14 15:57:58 ----D---- C:\Windows\SYSWOW64\Macromed
2017-02-07 22:41:38 ----RSD---- C:\Windows\assembly
2017-02-07 22:40:40 ----D---- C:\Windows\Logs
2017-02-07 22:08:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-02 19:29:42 ----D---- C:\Program Files\McAfee Security Scan
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-29 01:57:07 ----D---- C:\Windows\winsxs
2017-01-28 23:41:27 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2015/07/23 10:01:38]; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-11-16 148976]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-12-08 75248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-05-09 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-05-09 47672]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1309696]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-05-08 868848]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2015-07-23 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2015-07-23 9160]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2015-07-23 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-07-24 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-13 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-27 5817256]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2013-10-28 429056]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2017-02-25 932728]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-02-22 996824]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-02-22 16248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2015-07-23 2292480]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-05-09 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-15 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-15 125112]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-27 2271928]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-12-14 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [2017-02-02 329480]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-09 1467168]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-02-22 86864]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-15 51384]
S4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-12-08 83240]
S4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-12-07 75048]
S4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-12-07 292136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
-----------------EOF-----------------
Run by Admin at 2017-02-26 13:15:34
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 36 GB (32%) free of 114 GB
Total RAM: 3072 MB (63% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:15:39, on 26.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\volumouse\volumouse32.exe
C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE
C:\ProgramData\Boxtools\Toolbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AtomTime] "C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKCU\..\Run: [Voobly] "C:\Program Files (x86)\Voobly\voobly.exe" --startup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8997 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x420
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1848
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
"C:\Program Files (x86)\volumouse\volumouse32.exe" /loadvlm 65876 "C:\Users\Admin\AppData\Local\Volumouse\volumouse.cfg"
"C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe"
"C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
"C:\ProgramData\Boxtools\Toolbox.exe" -autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 2992
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe" -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMerger -Embedding
"C:\Windows\system32\SearchFilterHost.exe" 0 856 860 868 65536 864
"D:\Dokumenty\_Stažené soubory\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\extensions\
artur.dubovoy@gmail.com
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29 553024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29 214080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"=C:\Program Files (x86)\volumouse\volumouse.exe [2011-06-21 88576]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2015-10-26 514048]
"Voobly"=C:\Program Files (x86)\Voobly\voobly.exe [2016-05-08 159744]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-05-09 4177784]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-12-09 2876704]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AtomTime"=C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE [2004-12-03 396316]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-10-03 58584]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-10-27 50448]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-29 596504]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=1
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-02-26 12:45:44 ----D---- C:\AdwCleaner
2017-02-26 07:52:49 ----D---- C:\Program Files\trend micro
2017-02-26 07:52:48 ----D---- C:\rsit
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispgenco6434201.dll
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispco6434201.dll
2017-02-25 19:32:40 ----D---- C:\NVIDIA
2017-02-07 21:54:00 ----D---- C:\Users\Admin\AppData\Roaming\InstallShield
2017-01-29 01:46:01 ----A---- C:\Windows\system32\d3dcsx_42.dll
2017-01-29 01:45:01 ----A---- C:\Windows\system32\d3dx11_42.dll
2017-01-29 01:33:29 ----A---- C:\Windows\system32\XAudio2_4.dll
2017-01-29 01:31:14 ----A---- C:\Windows\system32\xactengine3_4.dll
2017-01-29 01:30:07 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2017-01-29 01:23:33 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2017-01-29 01:23:32 ----A---- C:\Windows\system32\XAudio2_3.dll
2017-01-29 01:23:01 ----A---- C:\Windows\system32\xactengine3_3.dll
2017-01-29 01:22:35 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2017-01-29 01:18:26 ----A---- C:\Windows\system32\d3dx10_39.dll
2017-01-29 01:17:30 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2017-01-29 01:13:39 ----A---- C:\Windows\system32\XAudio2_1.dll
2017-01-29 01:12:58 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2017-01-29 01:12:08 ----A---- C:\Windows\system32\xactengine3_1.dll
2017-01-29 01:11:17 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2017-01-29 01:09:21 ----A---- C:\Windows\system32\d3dx10_38.dll
2017-01-29 01:08:24 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2017-01-29 01:03:49 ----A---- C:\Windows\system32\xactengine3_0.dll
2017-01-29 00:55:41 ----A---- C:\Windows\system32\d3dx10_36.dll
2017-01-29 00:54:43 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2017-01-29 00:51:11 ----A---- C:\Windows\system32\d3dx9_36.dll
2017-01-29 00:48:34 ----A---- C:\Windows\system32\d3dx10_35.dll
2017-01-29 00:47:43 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2017-01-29 00:44:17 ----A---- C:\Windows\system32\d3dx9_35.dll
2017-01-29 00:41:46 ----A---- C:\Windows\system32\d3dx10_34.dll
2017-01-29 00:41:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2017-01-29 00:38:20 ----A---- C:\Windows\system32\d3dx9_34.dll
2017-01-29 00:34:10 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2017-01-29 00:27:53 ----A---- C:\Windows\system32\d3dx10.dll
2017-01-29 00:25:15 ----A---- C:\Windows\system32\d3dx9_32.dll
2017-01-29 00:24:12 ----A---- C:\Windows\system32\xactengine2_4.dll
2017-01-29 00:21:09 ----A---- C:\Windows\system32\d3dx9_31.dll
2017-01-29 00:20:08 ----A---- C:\Windows\system32\xinput1_2.dll
2017-01-29 00:05:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\x3daudio1_0.dll
2017-01-29 00:03:04 ----A---- C:\Windows\system32\d3dx9_29.dll
2017-01-29 00:02:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2017-01-29 00:00:52 ----A---- C:\Windows\system32\d3dx9_27.dll
2017-01-28 23:59:42 ----A---- C:\Windows\system32\d3dx9_26.dll
2017-01-28 23:57:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2017-01-28 23:41:27 ----D---- C:\Program Files (x86)\Ubisoft
2017-01-27 20:36:07 ----D---- C:\Windows\SYSWOW64\directx
======List of files/folders modified in the last 1 month======
2017-02-26 12:54:45 ----D---- C:\Users\Admin\AppData\Roaming\Raptr
2017-02-26 12:51:51 ----D---- C:\Program Files (x86)\Steam
2017-02-26 12:50:46 ----D---- C:\Windows\system32\config
2017-02-26 07:52:49 ----RD---- C:\Program Files
2017-02-26 01:00:31 ----D---- C:\Windows\temp
2017-02-25 22:17:04 ----D---- C:\Windows\System32
2017-02-25 22:17:04 ----D---- C:\Windows\inf
2017-02-25 22:17:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-25 20:26:39 ----D---- C:\Windows
2017-02-25 20:25:30 ----D---- C:\ProgramData\NVIDIA
2017-02-25 20:03:43 ----D---- C:\Windows\SysWOW64
2017-02-25 20:03:33 ----D---- C:\Windows\system32\drivers
2017-02-25 20:03:32 ----D---- C:\Program Files\NVIDIA Corporation
2017-02-25 20:03:18 ----D---- C:\Windows\system32\DriverStore
2017-02-25 20:02:54 ----A---- C:\Windows\system32\NvIFR64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\NvFBC64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvcompiler.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvapi64.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-02-25 20:02:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvdispco6434144.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvcuvid.dll
2017-02-25 20:02:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvoglv64.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvdispgenco6434144.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-02-25 20:02:47 ----A---- C:\Windows\system32\nvcuda.dll
2017-02-25 20:02:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-02-25 20:00:27 ----D---- C:\Windows\system32\catroot2
2017-02-25 19:59:51 ----D---- C:\Temp
2017-02-25 19:59:31 ----A---- C:\Windows\system32\nvvsvc.exe
2017-02-25 19:56:19 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2017-02-25 19:56:19 ----A---- C:\Windows\system32\OpenCL.dll
2017-02-25 19:55:02 ----D---- C:\ProgramData\Package Cache
2017-02-25 19:54:57 ----SHD---- C:\System Volume Information
2017-02-25 19:30:59 ----D---- C:\Program Files (x86)\McAfee
2017-02-25 19:30:29 ----D---- C:\Program Files\TrueKey
2017-02-25 19:21:09 ----D---- C:\Windows\system32\MRT
2017-02-25 19:16:27 ----AC---- C:\Windows\system32\MRT.exe
2017-02-25 04:47:45 ----D---- C:\Users\Admin\AppData\Roaming\Vso
2017-02-22 06:05:49 ----SHD---- C:\Windows\Installer
2017-02-19 05:28:41 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2017-02-15 05:01:54 ----D---- C:\Users\Admin\AppData\Roaming\AIMP3
2017-02-14 16:02:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-02-14 15:58:59 ----D---- C:\Windows\system32\Macromed
2017-02-14 15:57:58 ----D---- C:\Windows\SYSWOW64\Macromed
2017-02-07 22:41:38 ----RSD---- C:\Windows\assembly
2017-02-07 22:40:40 ----D---- C:\Windows\Logs
2017-02-07 22:08:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-02 19:29:42 ----D---- C:\Program Files\McAfee Security Scan
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-29 01:57:07 ----D---- C:\Windows\winsxs
2017-01-28 23:41:27 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2015/07/23 10:01:38]; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-11-16 148976]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-12-08 75248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-05-09 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-05-09 47672]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1309696]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-05-08 868848]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2015-07-23 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2015-07-23 9160]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2015-07-23 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-07-24 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-13 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-27 5817256]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2013-10-28 429056]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2017-02-25 932728]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-02-22 996824]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-02-22 16248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2015-07-23 2292480]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-05-09 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-15 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-15 125112]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-27 2271928]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-12-14 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [2017-02-02 329480]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-09 1467168]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-02-22 86864]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-15 51384]
S4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-12-08 83240]
S4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-12-07 75048]
S4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-12-07 292136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé prohlížeče, sem tam nové okno
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files\McAfee Security Scan
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
:reg
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalé prohlížeče, sem tam nové okno
Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2017-02-26 18:52:53
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 37 GB (32%) free of 114 GB
Total RAM: 3072 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:52:58, on 26.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\volumouse\volumouse32.exe
C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE
C:\ProgramData\Boxtools\Toolbox.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AtomTime] "C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKCU\..\Run: [Voobly] "C:\Program Files (x86)\Voobly\voobly.exe" --startup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8679 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x418
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {14257E9D-CDCC-46D6-BFBA-625D043F8F6C}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1960
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
"C:\Program Files (x86)\volumouse\volumouse32.exe" /loadvlm 65900 "C:\Users\Admin\AppData\Local\Volumouse\volumouse.cfg"
"C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
"C:\ProgramData\Boxtools\Toolbox.exe" -autorun
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 2636
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 856 860 868 65536 864
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3779098215-2951374784-2259018695-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3779098215-2951374784-2259018695-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"D:\Dokumenty\_Stažené soubory\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\extensions\
artur.dubovoy@gmail.com
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29 553024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29 214080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"=C:\Program Files (x86)\volumouse\volumouse.exe [2011-06-21 88576]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2015-10-26 514048]
"Voobly"=C:\Program Files (x86)\Voobly\voobly.exe [2016-05-08 159744]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-05-09 4177784]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-12-09 2876704]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AtomTime"=C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE [2004-12-03 396316]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-10-03 58584]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-10-27 50448]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=1
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-02-26 12:45:44 ----D---- C:\AdwCleaner
2017-02-26 07:52:49 ----D---- C:\Program Files\trend micro
2017-02-26 07:52:48 ----D---- C:\rsit
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispgenco6434201.dll
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispco6434201.dll
2017-02-25 19:32:40 ----D---- C:\NVIDIA
2017-02-07 21:54:00 ----D---- C:\Users\Admin\AppData\Roaming\InstallShield
2017-01-29 01:46:01 ----A---- C:\Windows\system32\d3dcsx_42.dll
2017-01-29 01:45:01 ----A---- C:\Windows\system32\d3dx11_42.dll
2017-01-29 01:33:29 ----A---- C:\Windows\system32\XAudio2_4.dll
2017-01-29 01:31:14 ----A---- C:\Windows\system32\xactengine3_4.dll
2017-01-29 01:30:07 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2017-01-29 01:23:33 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2017-01-29 01:23:32 ----A---- C:\Windows\system32\XAudio2_3.dll
2017-01-29 01:23:01 ----A---- C:\Windows\system32\xactengine3_3.dll
2017-01-29 01:22:35 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2017-01-29 01:18:26 ----A---- C:\Windows\system32\d3dx10_39.dll
2017-01-29 01:17:30 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2017-01-29 01:13:39 ----A---- C:\Windows\system32\XAudio2_1.dll
2017-01-29 01:12:58 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2017-01-29 01:12:08 ----A---- C:\Windows\system32\xactengine3_1.dll
2017-01-29 01:11:17 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2017-01-29 01:09:21 ----A---- C:\Windows\system32\d3dx10_38.dll
2017-01-29 01:08:24 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2017-01-29 01:03:49 ----A---- C:\Windows\system32\xactengine3_0.dll
2017-01-29 00:55:41 ----A---- C:\Windows\system32\d3dx10_36.dll
2017-01-29 00:54:43 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2017-01-29 00:51:11 ----A---- C:\Windows\system32\d3dx9_36.dll
2017-01-29 00:48:34 ----A---- C:\Windows\system32\d3dx10_35.dll
2017-01-29 00:47:43 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2017-01-29 00:44:17 ----A---- C:\Windows\system32\d3dx9_35.dll
2017-01-29 00:41:46 ----A---- C:\Windows\system32\d3dx10_34.dll
2017-01-29 00:41:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2017-01-29 00:38:20 ----A---- C:\Windows\system32\d3dx9_34.dll
2017-01-29 00:34:10 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2017-01-29 00:27:53 ----A---- C:\Windows\system32\d3dx10.dll
2017-01-29 00:25:15 ----A---- C:\Windows\system32\d3dx9_32.dll
2017-01-29 00:24:12 ----A---- C:\Windows\system32\xactengine2_4.dll
2017-01-29 00:21:09 ----A---- C:\Windows\system32\d3dx9_31.dll
2017-01-29 00:20:08 ----A---- C:\Windows\system32\xinput1_2.dll
2017-01-29 00:05:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\x3daudio1_0.dll
2017-01-29 00:03:04 ----A---- C:\Windows\system32\d3dx9_29.dll
2017-01-29 00:02:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2017-01-29 00:00:52 ----A---- C:\Windows\system32\d3dx9_27.dll
2017-01-28 23:59:42 ----A---- C:\Windows\system32\d3dx9_26.dll
2017-01-28 23:57:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2017-01-28 23:41:27 ----D---- C:\Program Files (x86)\Ubisoft
2017-01-27 20:36:07 ----D---- C:\Windows\SYSWOW64\directx
======List of files/folders modified in the last 1 month======
2017-02-26 18:52:31 ----D---- C:\Program Files (x86)\Steam
2017-02-26 18:50:15 ----D---- C:\Users\Admin\AppData\Roaming\Raptr
2017-02-26 18:49:06 ----RD---- C:\Program Files
2017-02-26 18:48:06 ----D---- C:\Windows\system32\config
2017-02-26 18:47:59 ----D---- C:\Windows\system32\drivers\etc
2017-02-26 18:47:56 ----D---- C:\Windows\temp
2017-02-26 18:47:54 ----D---- C:\Windows\SysWOW64
2017-02-25 22:17:04 ----D---- C:\Windows\System32
2017-02-25 22:17:04 ----D---- C:\Windows\inf
2017-02-25 22:17:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-25 20:26:39 ----D---- C:\Windows
2017-02-25 20:25:30 ----D---- C:\ProgramData\NVIDIA
2017-02-25 20:03:33 ----D---- C:\Windows\system32\drivers
2017-02-25 20:03:32 ----D---- C:\Program Files\NVIDIA Corporation
2017-02-25 20:03:18 ----D---- C:\Windows\system32\DriverStore
2017-02-25 20:02:54 ----A---- C:\Windows\system32\NvIFR64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\NvFBC64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvcompiler.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvapi64.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-02-25 20:02:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvdispco6434144.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvcuvid.dll
2017-02-25 20:02:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvoglv64.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvdispgenco6434144.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-02-25 20:02:47 ----A---- C:\Windows\system32\nvcuda.dll
2017-02-25 20:02:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-02-25 20:00:27 ----D---- C:\Windows\system32\catroot2
2017-02-25 19:59:51 ----D---- C:\Temp
2017-02-25 19:59:31 ----A---- C:\Windows\system32\nvvsvc.exe
2017-02-25 19:56:19 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2017-02-25 19:56:19 ----A---- C:\Windows\system32\OpenCL.dll
2017-02-25 19:55:02 ----D---- C:\ProgramData\Package Cache
2017-02-25 19:54:57 ----SHD---- C:\System Volume Information
2017-02-25 19:30:59 ----D---- C:\Program Files (x86)\McAfee
2017-02-25 19:30:29 ----D---- C:\Program Files\TrueKey
2017-02-25 19:21:09 ----D---- C:\Windows\system32\MRT
2017-02-25 19:16:27 ----AC---- C:\Windows\system32\MRT.exe
2017-02-25 04:47:45 ----D---- C:\Users\Admin\AppData\Roaming\Vso
2017-02-22 06:05:49 ----SHD---- C:\Windows\Installer
2017-02-19 05:28:41 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2017-02-15 05:01:54 ----D---- C:\Users\Admin\AppData\Roaming\AIMP3
2017-02-14 16:02:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-02-14 15:58:59 ----D---- C:\Windows\system32\Macromed
2017-02-14 15:57:58 ----D---- C:\Windows\SYSWOW64\Macromed
2017-02-07 22:41:38 ----RSD---- C:\Windows\assembly
2017-02-07 22:40:40 ----D---- C:\Windows\Logs
2017-02-07 22:08:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-29 01:57:07 ----D---- C:\Windows\winsxs
2017-01-28 23:41:27 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2015/07/23 10:01:38]; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-11-16 148976]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-12-08 75248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-05-09 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-05-09 47672]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1309696]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-05-08 868848]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2015-07-23 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2015-07-23 9160]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2015-07-23 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-07-24 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-13 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-27 5817256]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2013-10-28 429056]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2017-02-25 932728]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-02-22 996824]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-02-22 16248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2015-07-23 2292480]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-05-09 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-15 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-15 125112]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-27 2271928]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-12-14 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-09 1467168]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-02-22 86864]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-15 51384]
S4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-12-08 83240]
S4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-12-07 75048]
S4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-12-07 292136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
-----------------EOF-----------------
Run by Admin at 2017-02-26 18:52:53
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 37 GB (32%) free of 114 GB
Total RAM: 3072 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:52:58, on 26.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\volumouse\volumouse32.exe
C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE
C:\ProgramData\Boxtools\Toolbox.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files\trend micro\Admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [AtomTime] "C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKCU\..\Run: [$Volumouse$] "C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKCU\..\Run: [Voobly] "C:\Program Files (x86)\Voobly\voobly.exe" --startup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8679 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x418
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {14257E9D-CDCC-46D6-BFBA-625D043F8F6C}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1960
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\volumouse\volumouse.exe" /nodlg
"C:\Program Files (x86)\volumouse\volumouse32.exe" /loadvlm 65900 "C:\Users\Admin\AppData\Local\Volumouse\volumouse.cfg"
"C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE"
"C:\ProgramData\Boxtools\Toolbox.exe" -autorun
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 2636
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 856 860 868 65536 864
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3779098215-2951374784-2259018695-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3779098215-2951374784-2259018695-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"D:\Dokumenty\_Stažené soubory\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 24.0.0.221 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\pua9e5q0.default\extensions\
artur.dubovoy@gmail.com
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-29 553024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-29 214080]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-02-08 1048800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2016-09-27 1610936]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"$Volumouse$"=C:\Program Files (x86)\volumouse\volumouse.exe [2011-06-21 88576]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2015-10-26 514048]
"Voobly"=C:\Program Files (x86)\Voobly\voobly.exe [2016-05-08 159744]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-05-09 4177784]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-12-09 2876704]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AtomTime"=C:\Program Files (x86)\AtomTime Pro\AtomTime.EXE [2004-12-03 396316]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-10-03 58584]
"PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-10-27 50448]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=1
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2017-02-26 12:45:44 ----D---- C:\AdwCleaner
2017-02-26 07:52:49 ----D---- C:\Program Files\trend micro
2017-02-26 07:52:48 ----D---- C:\rsit
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispgenco6434201.dll
2017-02-25 19:54:01 ----A---- C:\Windows\system32\nvdispco6434201.dll
2017-02-25 19:32:40 ----D---- C:\NVIDIA
2017-02-07 21:54:00 ----D---- C:\Users\Admin\AppData\Roaming\InstallShield
2017-01-29 01:46:01 ----A---- C:\Windows\system32\d3dcsx_42.dll
2017-01-29 01:45:01 ----A---- C:\Windows\system32\d3dx11_42.dll
2017-01-29 01:33:29 ----A---- C:\Windows\system32\XAudio2_4.dll
2017-01-29 01:31:14 ----A---- C:\Windows\system32\xactengine3_4.dll
2017-01-29 01:30:07 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2017-01-29 01:23:33 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2017-01-29 01:23:32 ----A---- C:\Windows\system32\XAudio2_3.dll
2017-01-29 01:23:01 ----A---- C:\Windows\system32\xactengine3_3.dll
2017-01-29 01:22:35 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2017-01-29 01:18:26 ----A---- C:\Windows\system32\d3dx10_39.dll
2017-01-29 01:17:30 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2017-01-29 01:13:39 ----A---- C:\Windows\system32\XAudio2_1.dll
2017-01-29 01:12:58 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2017-01-29 01:12:08 ----A---- C:\Windows\system32\xactengine3_1.dll
2017-01-29 01:11:17 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2017-01-29 01:09:21 ----A---- C:\Windows\system32\d3dx10_38.dll
2017-01-29 01:08:24 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2017-01-29 01:03:49 ----A---- C:\Windows\system32\xactengine3_0.dll
2017-01-29 00:55:41 ----A---- C:\Windows\system32\d3dx10_36.dll
2017-01-29 00:54:43 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2017-01-29 00:51:11 ----A---- C:\Windows\system32\d3dx9_36.dll
2017-01-29 00:48:34 ----A---- C:\Windows\system32\d3dx10_35.dll
2017-01-29 00:47:43 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2017-01-29 00:44:17 ----A---- C:\Windows\system32\d3dx9_35.dll
2017-01-29 00:41:46 ----A---- C:\Windows\system32\d3dx10_34.dll
2017-01-29 00:41:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2017-01-29 00:38:20 ----A---- C:\Windows\system32\d3dx9_34.dll
2017-01-29 00:34:10 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2017-01-29 00:27:53 ----A---- C:\Windows\system32\d3dx10.dll
2017-01-29 00:25:15 ----A---- C:\Windows\system32\d3dx9_32.dll
2017-01-29 00:24:12 ----A---- C:\Windows\system32\xactengine2_4.dll
2017-01-29 00:21:09 ----A---- C:\Windows\system32\d3dx9_31.dll
2017-01-29 00:20:08 ----A---- C:\Windows\system32\xinput1_2.dll
2017-01-29 00:05:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\xactengine2_0.dll
2017-01-29 00:03:43 ----A---- C:\Windows\system32\x3daudio1_0.dll
2017-01-29 00:03:04 ----A---- C:\Windows\system32\d3dx9_29.dll
2017-01-29 00:02:10 ----A---- C:\Windows\system32\d3dx9_28.dll
2017-01-29 00:00:52 ----A---- C:\Windows\system32\d3dx9_27.dll
2017-01-28 23:59:42 ----A---- C:\Windows\system32\d3dx9_26.dll
2017-01-28 23:57:06 ----A---- C:\Windows\system32\d3dx9_24.dll
2017-01-28 23:41:27 ----D---- C:\Program Files (x86)\Ubisoft
2017-01-27 20:36:07 ----D---- C:\Windows\SYSWOW64\directx
======List of files/folders modified in the last 1 month======
2017-02-26 18:52:31 ----D---- C:\Program Files (x86)\Steam
2017-02-26 18:50:15 ----D---- C:\Users\Admin\AppData\Roaming\Raptr
2017-02-26 18:49:06 ----RD---- C:\Program Files
2017-02-26 18:48:06 ----D---- C:\Windows\system32\config
2017-02-26 18:47:59 ----D---- C:\Windows\system32\drivers\etc
2017-02-26 18:47:56 ----D---- C:\Windows\temp
2017-02-26 18:47:54 ----D---- C:\Windows\SysWOW64
2017-02-25 22:17:04 ----D---- C:\Windows\System32
2017-02-25 22:17:04 ----D---- C:\Windows\inf
2017-02-25 22:17:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-25 20:26:39 ----D---- C:\Windows
2017-02-25 20:25:30 ----D---- C:\ProgramData\NVIDIA
2017-02-25 20:03:33 ----D---- C:\Windows\system32\drivers
2017-02-25 20:03:32 ----D---- C:\Program Files\NVIDIA Corporation
2017-02-25 20:03:18 ----D---- C:\Windows\system32\DriverStore
2017-02-25 20:02:54 ----A---- C:\Windows\system32\NvIFR64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\NvFBC64.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvcompiler.dll
2017-02-25 20:02:53 ----A---- C:\Windows\system32\nvapi64.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-02-25 20:02:52 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-02-25 20:02:51 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvopencl.dll
2017-02-25 20:02:51 ----A---- C:\Windows\system32\nvdispco6434144.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-02-25 20:02:49 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-02-25 20:02:49 ----A---- C:\Windows\system32\nvcuvid.dll
2017-02-25 20:02:48 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvoglv64.dll
2017-02-25 20:02:48 ----A---- C:\Windows\system32\nvdispgenco6434144.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-02-25 20:02:47 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-02-25 20:02:47 ----A---- C:\Windows\system32\nvcuda.dll
2017-02-25 20:02:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-02-25 20:00:27 ----D---- C:\Windows\system32\catroot2
2017-02-25 19:59:51 ----D---- C:\Temp
2017-02-25 19:59:31 ----A---- C:\Windows\system32\nvvsvc.exe
2017-02-25 19:56:19 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2017-02-25 19:56:19 ----A---- C:\Windows\system32\OpenCL.dll
2017-02-25 19:55:02 ----D---- C:\ProgramData\Package Cache
2017-02-25 19:54:57 ----SHD---- C:\System Volume Information
2017-02-25 19:30:59 ----D---- C:\Program Files (x86)\McAfee
2017-02-25 19:30:29 ----D---- C:\Program Files\TrueKey
2017-02-25 19:21:09 ----D---- C:\Windows\system32\MRT
2017-02-25 19:16:27 ----AC---- C:\Windows\system32\MRT.exe
2017-02-25 04:47:45 ----D---- C:\Users\Admin\AppData\Roaming\Vso
2017-02-22 06:05:49 ----SHD---- C:\Windows\Installer
2017-02-19 05:28:41 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2017-02-15 05:01:54 ----D---- C:\Users\Admin\AppData\Roaming\AIMP3
2017-02-14 16:02:15 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-02-14 15:58:59 ----D---- C:\Windows\system32\Macromed
2017-02-14 15:57:58 ----D---- C:\Windows\SYSWOW64\Macromed
2017-02-07 22:41:38 ----RSD---- C:\Windows\assembly
2017-02-07 22:40:40 ----D---- C:\Windows\Logs
2017-02-07 22:08:02 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-01 19:36:18 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-01-29 01:57:07 ----D---- C:\Windows\winsxs
2017-01-28 23:41:27 ----RD---- C:\Program Files (x86)
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2016-08-31 31648]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2016-08-31 830624]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2016-08-31 56976]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2016-08-31 116248]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2015/07/23 10:01:38]; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-11-16 148976]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-12-08 75248]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-05-09 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-05-09 47672]
R3 P17;SB Audigy; C:\Windows\system32\drivers\P17.sys [2009-10-16 1309696]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-05-08 868848]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 epmntdrv;epmntdrv; \??\C:\Windows\syswow64\epmntdrv.sys [2015-07-23 14920]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\syswow64\EuGdiDrv.sys [2015-07-23 9160]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2015-07-23 31800]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-07-24 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-01-13 82640]
R2 CmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2016-09-27 5817256]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2013-10-28 429056]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2017-02-25 932728]
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-02-22 996824]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-02-22 16248]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2015-07-23 2292480]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-05-09 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-12-15 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-12-15 125112]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-14 270936]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2016-09-27 2271928]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-12-14 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-01-29 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-09 1467168]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-02-22 86864]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-12-15 51384]
S4 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-12-08 83240]
S4 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-12-07 75048]
S4 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-12-07 292136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-12-15 135848]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalé prohlížeče, sem tam nové okno
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?