Dobrý večer, v poslední době pozoruji výrazné zpomalení internetových prohlížečů , ale i složky se po startu otevírají dlouho.
Zkoušel jsem přeinstalovat prohlížeče, pc aktualizovat , několikrát přejet pc přes ccleaner , nic nepomáha.
Hlavně prohlížeč je zpomalený a zasekává se. Používám mozilu.
Děkuji.
Log z RSIT :
Logfile of random's system information tool 1.08 (written by random/random)
Run by doma at 2014-05-31 21:16:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 41 GB (41%) free of 100 GB
Total RAM: 4095 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:16:08, on 31.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?ctid=CT33149 ... BA04&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: SiteFinder - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKCU\..\Run: [uTorrent] "C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Site Finder - {CCC7B152-1D8C-11E3-B2AD-F3EF3D58318D} - C:\Program Files (x86)\SiteFinder\SiteFinder.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9603 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-72c40720-8b5f-47fe-9d8a-0388ea179565 -SystemEventPortName:HostProcess-cf55d77a-6595-4cd7-8edb-dcda4d8b8280 -IoCancelEventPortName:HostProcess-0327d30e-8413-4a37-b32b-403ef971b943 -NonStateChangingEventPortName:HostProcess-02e175a7-9371-44bc-99dd-6f00537cac03 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5a693727-9723-409d-b1d5-c90aadac2235 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1293560497-823577494-961373410-7265811091992951118432866-18543528051333060517
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\doma\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-25 581824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-25 436600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} - SiteFinder - C:\Program Files (x86)\SiteFinder\SiteFinder.dll [2014-03-06 367104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-29 1269072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-26 3888648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"nvch"=rchnewver.dll,go []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2014-05-31 21:16:02 ----D---- C:\rsit
2014-05-31 21:16:02 ----D---- C:\Program Files\trend micro
2014-05-29 16:30:54 ----A---- C:\Windows\unvise32.exe
2014-05-29 16:30:50 ----D---- C:\Program Files (x86)\LooksBuilderSE
2014-05-29 16:27:45 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2014-05-29 16:25:25 ----D---- C:\ProgramData\Studio 14
2014-05-29 16:25:25 ----D---- C:\ProgramData\Pinnacle Studio Plus
2014-05-29 16:21:18 ----D---- C:\ProgramData\Pinnacle
2014-05-29 16:21:18 ----D---- C:\Program Files (x86)\Pinnacle
2014-05-27 20:47:26 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-19 21:45:21 ----D---- C:\Program Files (x86)\SiteLookup
2014-05-19 21:45:13 ----D---- C:\Program Files (x86)\SiteFinder
2014-05-19 21:45:08 ----D---- C:\Users\doma\AppData\Roaming\SimilarSites
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 17:32:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-15 17:32:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-15 13:36:08 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 13:36:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 13:35:51 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 13:35:50 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 13:35:50 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 13:35:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 13:35:48 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 13:35:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 13:35:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\credssp.dll
2014-05-10 13:15:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-06 04:48:57 ----SD---- C:\Windows\system32\CompatTel
======List of files/folders modified in the last 1 months======
2014-05-31 21:16:08 ----D---- C:\Windows\Temp
2014-05-31 21:16:08 ----D---- C:\Windows\Prefetch
2014-05-31 21:16:02 ----RD---- C:\Program Files
2014-05-31 21:15:59 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2014-05-31 21:07:36 ----D---- C:\Windows\System32
2014-05-31 21:07:36 ----D---- C:\Windows\inf
2014-05-31 21:07:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-31 21:04:27 ----D---- C:\Windows\system32\wdi
2014-05-31 21:01:34 ----D---- C:\ProgramData\NVIDIA
2014-05-31 21:01:03 ----D---- C:\Windows\system32\config
2014-05-31 09:12:02 ----D---- C:\Windows\system32\catroot2
2014-05-30 21:45:15 ----D---- C:\Program Files (x86)\The KMPlayer
2014-05-30 19:32:05 ----D---- C:\Windows
2014-05-30 16:02:32 ----D---- C:\Users\doma\AppData\Roaming\DAEMON Tools Lite
2014-05-30 09:28:25 ----SHD---- C:\System Volume Information
2014-05-29 16:32:19 ----SHD---- C:\Windows\Installer
2014-05-29 16:31:30 ----D---- C:\Windows\SysWOW64
2014-05-29 16:30:50 ----RD---- C:\Program Files (x86)
2014-05-29 16:29:06 ----D---- C:\Windows\system32\DriverStore
2014-05-29 16:29:06 ----D---- C:\Windows\system32\catroot
2014-05-29 16:28:50 ----D---- C:\Windows\system32\drivers
2014-05-29 16:28:42 ----SD---- C:\Users\doma\AppData\Roaming\Microsoft
2014-05-29 16:28:42 ----D---- C:\Program Files (x86)\Common Files
2014-05-29 16:27:45 ----HD---- C:\ProgramData
2014-05-29 16:27:17 ----D---- C:\Windows\winsxs
2014-05-29 16:26:54 ----RSD---- C:\Windows\Fonts
2014-05-27 20:47:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-25 17:54:19 ----D---- C:\Windows\Logs
2014-05-25 17:54:19 ----D---- C:\Windows\debug
2014-05-24 04:19:10 ----D---- C:\Program Files (x86)\Battle.net
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-20 03:25:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvshext.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvmctray.dll
2014-05-18 10:07:33 ----D---- C:\Windows\rescache
2014-05-17 09:16:21 ----D---- C:\Windows\Microsoft.NET
2014-05-17 09:15:23 ----RSD---- C:\Windows\assembly
2014-05-15 20:22:46 ----D---- C:\Program Files (x86)\Diablo III
2014-05-15 18:44:14 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 17:32:44 ----D---- C:\ProgramData\Microsoft Help
2014-05-15 17:31:31 ----D---- C:\Windows\system32\MRT
2014-05-15 17:30:14 ----A---- C:\Windows\system32\MRT.exe
2014-05-13 21:51:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-11 10:43:15 ----D---- C:\Windows\system32\NDF
2014-05-11 10:38:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-06 20:58:54 ----D---- C:\Users\doma\AppData\Roaming\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-25 208416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-22 283064]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-25 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-20 4720616]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-25 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
A ten druhý soubor , INFO :
info.txt logfile of random's system information tool 1.08 2014-05-31 21:16:12
======Uninstall list======
-->C:\Program Files (x86)\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{80407BA7-7763-4395-AB98-5233F1B34E65}
Adobe Flash Player 13 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.07) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
aTube Catcher-->C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\uninstall.exe
avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang= --uid=battle.net --displayname="Battle.net"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
COMODO Firewall-->MsiExec.exe /I{901D1D88-408D-48E5-80DD-CC3145BD8456}
DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
Diablo III-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enGB --uid=diablo3_engb --displayname="Diablo III"
Google Earth Plug-in-->MsiExec.exe /X{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Java 7 Update 55-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217051FF}
K-Lite Mega Codec Pack 10.2.0-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Knoll Light Factory EZ Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\klfezstudio.log
Magic Bullet Looks Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\mblooksstudio.log
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Microsoft .NET Framework 4.5.1 (CSY)-->MsiExec.exe /X{50813B8C-FCBB-3C61-8039-EAAA93029066}
Microsoft .NET Framework 4.5.1 (čeština)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\CSY\\Setup.exe /repair /x86 /x64 /lcid 1029
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86 /x64
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared 64-bit MUI (Czech) 2007-->MsiExec.exe /X{90120000-002A-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319-->MsiExec.exe /X{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
MKVtoolnix 4.9.1-->C:\Program Files (x86)\MKVtoolnix\uninst.exe
Mozilla Firefox 29.0.1 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
Nero 7 Ultra Edition-->MsiExec.exe /I{4908C75E-E5E2-43F7-B1DF-023CBA831029}
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
NVIDIA GeForce Experience 1.8.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{86F0AE42-40C2-421F-989A-A02B712364C3}\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač 3D Vision 337.88-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B2A05640-4E57-41D5-8B7A-2FE4BCEDF684}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA Ovladač HD audia 1.3.30.1-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B2A05640-4E57-41D5-8B7A-2FE4BCEDF684}\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladač řídící jednotky 3D Vision 337.88-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B2A05640-4E57-41D5-8B7A-2FE4BCEDF684}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA Ovladače grafiky 337.88-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{B2A05640-4E57-41D5-8B7A-2FE4BCEDF684}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA PhysX-->MsiExec.exe /I{80407BA7-7763-4395-AB98-5233F1B34E65}
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
NVIDIA Systémový software PhysX 9.13.1220-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{F0627AAF-797E-47D6-91BA-B2B8440E7348}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Virtual Audio 1.2.19-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{86F0AE42-40C2-421F-989A-A02B712364C3}\NVI2.DLL",UninstallPackage VirtualAudio.Driver
Ovladače videa společnosti Pinnacle-->MsiExec.exe /X{6DE721A5-5E89-4D74-994C-652BB3C0672E}
Pinnacle Studio 14-->MsiExec.exe /I{AADD1C8F-D59F-4D55-A726-768C71A205A8}
Pinnacle Studio Ultimate Collection Plugins-->MsiExec.exe /I{F5C372A1-40F3-49DA-A049-F75CDE9177DC}
PlayLiteM 1.0.1.4.LM-->"C:\Program Files (x86)\Mpeg4 Player Lite\unins000.exe"
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Red Giant ToonIt Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\rgtoonitstudio.log
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {599EC629-2679-30CE-B28B-7432EF5FC126}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79850906-6D2B-4061-8EAF-EAC84173DEC5}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {A4A50F66-DD0F-4150-A19F-0F35531D6E21}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7112510-2575-4BA4-A576-78BF8A6307BC}
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4CCE0378-386F-4DC2-9CC1-A3710C77057D}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2878236) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF5CD3E0-D52B-4561-A4B6-AF8296E0EEA5}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {686630EC-8033-4031-85C5-D8E5CD62A958}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F88656FB-92A1-484E-911E-D259B15CF420}
Security Update for Microsoft Office Word 2007 (KB2878237) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A4EE5251-03F4-47DE-B5BC-713D708902A8}
SiteFinder-->C:\Program Files (x86)\SiteFinder\sitefinder_uninstaller.exe
Skype™ 6.14-->MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
Trapcode 3DStroke Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tc3dstrokestudio.log
Trapcode Particular Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tcparticularstudio.log
Trapcode Shine Studio-->C:\Windows\unvise32.exe C:\Program Files (x86)\Pinnacle\Studio 14\Plugins\RTFx\tcshinestudio.log
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {A030537D-0034-46AD-A730-B1119786F607}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2720451F-5D04-43EC-AB1F-26D948FD971B}
WinRAR 5.00 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
WinZip 18.0-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}
======Hosts File======
127.0.0.1 player.kmpmedia.net
======System event log======
Computer Name: doma-PC
Event Code: 6
Message: Filtr systému souborů aswSP (verze 6.0, ?2014?-?01?-?21T18:17:55.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 13778
Source Name: Microsoft-Windows-FilterManager
Time Written: 20140213132548.418800-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: doma-PC
Event Code: 6
Message: Filtr systému souborů cmdGuard (verze 6.1, ?2013?-?11?-?14T12:16:49.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 13777
Source Name: Microsoft-Windows-FilterManager
Time Written: 20140213132548.403200-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: doma-PC
Event Code: 6
Message: Filtr systému souborů aswSnx (verze 6.0, ?2014?-?01?-?21T18:11:09.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 13776
Source Name: Microsoft-Windows-FilterManager
Time Written: 20140213132548.372000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: doma-PC
Event Code: 6
Message: Filtr systému souborů FileInfo (verze 6.1, ?2009?-?07?-?14T00:34:25.000000000Z) byl úspěšně načten a zaregistrován ve Správci filtrů.
Record Number: 13775
Source Name: Microsoft-Windows-FilterManager
Time Written: 20140213132546.905600-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: doma-PC
Event Code: 12
Message: Operační systém byl spuštěn v systémovém čase ?2014?-?02?-?13T13:25:46.125600000Z.
Record Number: 13774
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20140213132546.656000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: doma-PC
Event Code: 3
Message:
Record Number: 1691
Source Name: NvStreamSvc
Time Written: 20140127192101.000000-000
Event Type: Informace
User:
Computer Name: doma-PC
Event Code: 3
Message:
Record Number: 1690
Source Name: NvStreamSvc
Time Written: 20140127192101.000000-000
Event Type: Informace
User:
Computer Name: doma-PC
Event Code: 3
Message:
Record Number: 1689
Source Name: NvStreamSvc
Time Written: 20140127192101.000000-000
Event Type: Informace
User:
Computer Name: doma-PC
Event Code: 3
Message:
Record Number: 1688
Source Name: NvStreamSvc
Time Written: 20140127192101.000000-000
Event Type: Informace
User:
Computer Name: doma-PC
Event Code: 3
Message:
Record Number: 1687
Source Name: NvStreamSvc
Time Written: 20140127192101.000000-000
Event Type: Informace
User:
=====Security event log=====
Computer Name: 37L4247F27-25
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140127163757.360400-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247F27-25$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7
Typ přihlášení: 5
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x1c8
Název procesu: C:\Windows\System32\services.exe
Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140127163757.360400-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.
Počet prvků: 0
ID zásady: 0x3057c
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140127163755.082800-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4624
Message: Účet byl úspěšně přihlášen.
Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0
Typ přihlášení: 0
Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}
Informace o procesu:
ID procesu: 0x4
Název procesu:
Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -
Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0
Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.
Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.
Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).
Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.
Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.
Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140127163753.959600-000
Event Type: Úspěšný audit
User:
Computer Name: 37L4247F27-25
Event Code: 4608
Message: Spouští se systém Windows.
Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140127163753.897200-000
Event Type: Úspěšný audit
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\MKVtoolnix;C:\Program Files (x86)\Pinnacle\Shared Files\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=16
"PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD
"PROCESSOR_REVISION"=0503
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím kontrolu, výrazné zpomalení pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu, výrazné zpomalení pc
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu, výrazné zpomalení pc
# AdwCleaner v3.211 - Report created 31/05/2014 at 22:45:38
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : doma - DOMA-PC
# Running from : C:\Users\doma\Desktop\adwcleaner_3.211.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Users\doma\AppData\Local\genienext
Folder Deleted : C:\Users\doma\AppData\Local\Mobogenie
Folder Deleted : C:\Users\doma\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\doma\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\doma\daemonprocess.txt
File Deleted : C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\vjy91572.default\searchplugins\conduit-search.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\vjy91572.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
-\\ Google Chrome v
[ File : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2483 octets] - [31/05/2014 22:44:18]
AdwCleaner[S0].txt - [2103 octets] - [31/05/2014 22:45:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2163 octets] ##########
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : doma - DOMA-PC
# Running from : C:\Users\doma\Desktop\adwcleaner_3.211.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\RegClean
Folder Deleted : C:\Program Files (x86)\SmartTweak
Folder Deleted : C:\Users\doma\AppData\Local\genienext
Folder Deleted : C:\Users\doma\AppData\Local\Mobogenie
Folder Deleted : C:\Users\doma\AppData\Roaming\newnext.me
Folder Deleted : C:\Users\doma\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\doma\daemonprocess.txt
File Deleted : C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\vjy91572.default\searchplugins\conduit-search.xml
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v29.0.1 (cs)
[ File : C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\vjy91572.default\prefs.js ]
Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
-\\ Google Chrome v
[ File : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2483 octets] - [31/05/2014 22:44:18]
AdwCleaner[S0].txt - [2103 octets] - [31/05/2014 22:45:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2163 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu, výrazné zpomalení pc
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu, výrazné zpomalení pc
Tak tím posledním krokem tou čístkou se rychlost prohlížeče poznatelně zlepšila 
, výborně, moc děkuji. Tady ten log, kdyby tam bylo ještě něco .
Logfile of random's system information tool 1.08 (written by random/random)
Run by doma at 2014-06-01 21:35:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 40 GB (40%) free of 100 GB
Total RAM: 4095 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:33, on 1.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKCU\..\Run: [uTorrent] "C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8881 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a026112d-9f66-4ea6-a746-3c396465ca0a -SystemEventPortName:HostProcess-aa81b145-fc69-40f4-a523-fe981a182513 -IoCancelEventPortName:HostProcess-91720e43-adaf-4e30-abe0-87ff7e6d4c58 -NonStateChangingEventPortName:HostProcess-ad0848b8-a5eb-493c-b9d5-4dd2848d4c44 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8e0d1fe4-b8ca-4729-afef-36d5916743cc -DeviceGroupId:WpdFsGroup
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1340567737-1365579125-178438994-2047494543-13810527731221556315-6279471571846322414
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {CD922FCB-5C2E-4AB7-9415-E229A0B30A39}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 872 876 884 65536 880
"C:\Users\doma\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-25 581824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-25 436600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-29 1269072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-26 3888648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"nvch"=rchnewver.dll,go []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2014-05-31 22:44:54 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-05-31 22:44:13 ----D---- C:\AdwCleaner
2014-05-31 21:16:02 ----D---- C:\rsit
2014-05-31 21:16:02 ----D---- C:\Program Files\trend micro
2014-05-29 16:30:54 ----A---- C:\Windows\unvise32.exe
2014-05-29 16:30:50 ----D---- C:\Program Files (x86)\LooksBuilderSE
2014-05-29 16:27:45 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2014-05-29 16:25:25 ----D---- C:\ProgramData\Studio 14
2014-05-29 16:25:25 ----D---- C:\ProgramData\Pinnacle Studio Plus
2014-05-29 16:21:18 ----D---- C:\ProgramData\Pinnacle
2014-05-29 16:21:18 ----D---- C:\Program Files (x86)\Pinnacle
2014-05-27 20:47:26 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-19 21:45:21 ----D---- C:\Program Files (x86)\SiteLookup
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 17:32:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-15 17:32:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-15 13:36:08 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 13:36:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 13:35:51 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 13:35:50 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 13:35:50 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 13:35:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 13:35:48 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 13:35:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 13:35:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\credssp.dll
2014-05-10 13:15:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-06 04:48:57 ----SD---- C:\Windows\system32\CompatTel
======List of files/folders modified in the last 1 months======
2014-06-01 21:35:31 ----D---- C:\Windows\Temp
2014-06-01 21:35:08 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2014-06-01 20:36:18 ----D---- C:\Windows\Prefetch
2014-06-01 20:06:39 ----D---- C:\Windows\system32\config
2014-06-01 18:48:21 ----D---- C:\Program Files (x86)\The KMPlayer
2014-06-01 18:42:59 ----D---- C:\Windows\System32
2014-06-01 18:42:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-01 18:42:58 ----D---- C:\Windows\inf
2014-06-01 18:22:54 ----RD---- C:\Program Files (x86)
2014-06-01 18:21:16 ----D---- C:\ProgramData\NVIDIA
2014-05-31 22:55:24 ----D---- C:\Program Files (x86)\Battle.net
2014-05-31 22:46:23 ----D---- C:\Windows
2014-05-31 22:45:38 ----HD---- C:\ProgramData
2014-05-31 22:44:54 ----D---- C:\Windows\SysWOW64
2014-05-31 21:16:02 ----RD---- C:\Program Files
2014-05-31 21:04:27 ----D---- C:\Windows\system32\wdi
2014-05-31 09:12:02 ----D---- C:\Windows\system32\catroot2
2014-05-30 16:02:32 ----D---- C:\Users\doma\AppData\Roaming\DAEMON Tools Lite
2014-05-30 09:28:25 ----SHD---- C:\System Volume Information
2014-05-29 16:32:19 ----SHD---- C:\Windows\Installer
2014-05-29 16:29:06 ----D---- C:\Windows\system32\DriverStore
2014-05-29 16:29:06 ----D---- C:\Windows\system32\catroot
2014-05-29 16:28:50 ----D---- C:\Windows\system32\drivers
2014-05-29 16:28:42 ----SD---- C:\Users\doma\AppData\Roaming\Microsoft
2014-05-29 16:28:42 ----D---- C:\Program Files (x86)\Common Files
2014-05-29 16:27:17 ----D---- C:\Windows\winsxs
2014-05-29 16:26:54 ----RSD---- C:\Windows\Fonts
2014-05-27 20:47:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-25 17:54:19 ----D---- C:\Windows\Logs
2014-05-25 17:54:19 ----D---- C:\Windows\debug
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-20 03:25:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvshext.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvmctray.dll
2014-05-18 10:07:33 ----D---- C:\Windows\rescache
2014-05-17 09:16:21 ----D---- C:\Windows\Microsoft.NET
2014-05-17 09:15:23 ----RSD---- C:\Windows\assembly
2014-05-15 20:22:46 ----D---- C:\Program Files (x86)\Diablo III
2014-05-15 18:44:14 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 17:32:44 ----D---- C:\ProgramData\Microsoft Help
2014-05-15 17:31:31 ----D---- C:\Windows\system32\MRT
2014-05-15 17:30:14 ----A---- C:\Windows\system32\MRT.exe
2014-05-13 21:51:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-11 10:43:15 ----D---- C:\Windows\system32\NDF
2014-05-11 10:38:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-06 20:58:54 ----D---- C:\Users\doma\AppData\Roaming\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-25 208416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-22 283064]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-25 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-20 4720616]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-25 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
, výborně, moc děkuji. Tady ten log, kdyby tam bylo ještě něco .Logfile of random's system information tool 1.08 (written by random/random)
Run by doma at 2014-06-01 21:35:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 40 GB (40%) free of 100 GB
Total RAM: 4095 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:35:33, on 1.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKCU\..\Run: [uTorrent] "C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8881 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
C:\Windows\system32\svchost.exe -k imgsvc
"taskhost.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a026112d-9f66-4ea6-a746-3c396465ca0a -SystemEventPortName:HostProcess-aa81b145-fc69-40f4-a523-fe981a182513 -IoCancelEventPortName:HostProcess-91720e43-adaf-4e30-abe0-87ff7e6d4c58 -NonStateChangingEventPortName:HostProcess-ad0848b8-a5eb-493c-b9d5-4dd2848d4c44 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8e0d1fe4-b8ca-4729-afef-36d5916743cc -DeviceGroupId:WpdFsGroup
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1340567737-1365579125-178438994-2047494543-13810527731221556315-6279471571846322414
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {CD922FCB-5C2E-4AB7-9415-E229A0B30A39}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 872 876 884 65536 880
"C:\Users\doma\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-25 581824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll [2014-01-16 96128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-25 436600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-29 1269072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-26 3888648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"nvch"=rchnewver.dll,go []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2014-05-31 22:44:54 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-05-31 22:44:13 ----D---- C:\AdwCleaner
2014-05-31 21:16:02 ----D---- C:\rsit
2014-05-31 21:16:02 ----D---- C:\Program Files\trend micro
2014-05-29 16:30:54 ----A---- C:\Windows\unvise32.exe
2014-05-29 16:30:50 ----D---- C:\Program Files (x86)\LooksBuilderSE
2014-05-29 16:27:45 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2014-05-29 16:25:25 ----D---- C:\ProgramData\Studio 14
2014-05-29 16:25:25 ----D---- C:\ProgramData\Pinnacle Studio Plus
2014-05-29 16:21:18 ----D---- C:\ProgramData\Pinnacle
2014-05-29 16:21:18 ----D---- C:\Program Files (x86)\Pinnacle
2014-05-27 20:47:26 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-19 21:45:21 ----D---- C:\Program Files (x86)\SiteLookup
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 17:32:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-15 17:32:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-15 13:36:08 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 13:36:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 13:35:51 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 13:35:50 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 13:35:50 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 13:35:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 13:35:48 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 13:35:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 13:35:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\credssp.dll
2014-05-10 13:15:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-06 04:48:57 ----SD---- C:\Windows\system32\CompatTel
======List of files/folders modified in the last 1 months======
2014-06-01 21:35:31 ----D---- C:\Windows\Temp
2014-06-01 21:35:08 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2014-06-01 20:36:18 ----D---- C:\Windows\Prefetch
2014-06-01 20:06:39 ----D---- C:\Windows\system32\config
2014-06-01 18:48:21 ----D---- C:\Program Files (x86)\The KMPlayer
2014-06-01 18:42:59 ----D---- C:\Windows\System32
2014-06-01 18:42:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-01 18:42:58 ----D---- C:\Windows\inf
2014-06-01 18:22:54 ----RD---- C:\Program Files (x86)
2014-06-01 18:21:16 ----D---- C:\ProgramData\NVIDIA
2014-05-31 22:55:24 ----D---- C:\Program Files (x86)\Battle.net
2014-05-31 22:46:23 ----D---- C:\Windows
2014-05-31 22:45:38 ----HD---- C:\ProgramData
2014-05-31 22:44:54 ----D---- C:\Windows\SysWOW64
2014-05-31 21:16:02 ----RD---- C:\Program Files
2014-05-31 21:04:27 ----D---- C:\Windows\system32\wdi
2014-05-31 09:12:02 ----D---- C:\Windows\system32\catroot2
2014-05-30 16:02:32 ----D---- C:\Users\doma\AppData\Roaming\DAEMON Tools Lite
2014-05-30 09:28:25 ----SHD---- C:\System Volume Information
2014-05-29 16:32:19 ----SHD---- C:\Windows\Installer
2014-05-29 16:29:06 ----D---- C:\Windows\system32\DriverStore
2014-05-29 16:29:06 ----D---- C:\Windows\system32\catroot
2014-05-29 16:28:50 ----D---- C:\Windows\system32\drivers
2014-05-29 16:28:42 ----SD---- C:\Users\doma\AppData\Roaming\Microsoft
2014-05-29 16:28:42 ----D---- C:\Program Files (x86)\Common Files
2014-05-29 16:27:17 ----D---- C:\Windows\winsxs
2014-05-29 16:26:54 ----RSD---- C:\Windows\Fonts
2014-05-27 20:47:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-25 17:54:19 ----D---- C:\Windows\Logs
2014-05-25 17:54:19 ----D---- C:\Windows\debug
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-20 03:25:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvshext.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvmctray.dll
2014-05-18 10:07:33 ----D---- C:\Windows\rescache
2014-05-17 09:16:21 ----D---- C:\Windows\Microsoft.NET
2014-05-17 09:15:23 ----RSD---- C:\Windows\assembly
2014-05-15 20:22:46 ----D---- C:\Program Files (x86)\Diablo III
2014-05-15 18:44:14 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 17:32:44 ----D---- C:\ProgramData\Microsoft Help
2014-05-15 17:31:31 ----D---- C:\Windows\system32\MRT
2014-05-15 17:30:14 ----A---- C:\Windows\system32\MRT.exe
2014-05-13 21:51:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-11 10:43:15 ----D---- C:\Windows\system32\NDF
2014-05-11 10:38:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-06 20:58:54 ----D---- C:\Users\doma\AppData\Roaming\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-25 208416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-22 283064]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-25 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-20 4720616]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-25 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-01-16 289256]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu, výrazné zpomalení pc
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Program Files\McAfee Security Scan
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"nvch"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu, výrazné zpomalení pc
Log z posledního kroku.
All processes killed
========== FILES ==========
C:\Program Files\McAfee Security Scan\3.8.141\sacoredata folder moved successfully.
C:\Program Files\McAfee Security Scan\3.8.141 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\nvch deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: doma
->Temp folder emptied: 4502249 bytes
->Temporary Internet Files folder emptied: 20253022 bytes
->Java cache emptied: 709784 bytes
->FireFox cache emptied: 148756333 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2301 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7816 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 48237624 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 13242361 bytes
Total Files Cleaned = 225,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: doma
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 06022014_045127
Files moved on Reboot...
File move failed. C:\Users\doma\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a80c_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\doma\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a80c_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\doma\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\doma\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
All processes killed
========== FILES ==========
C:\Program Files\McAfee Security Scan\3.8.141\sacoredata folder moved successfully.
C:\Program Files\McAfee Security Scan\3.8.141 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\nvch deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: doma
->Temp folder emptied: 4502249 bytes
->Temporary Internet Files folder emptied: 20253022 bytes
->Java cache emptied: 709784 bytes
->FireFox cache emptied: 148756333 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 2301 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7816 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 48237624 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 13242361 bytes
Total Files Cleaned = 225,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: doma
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 06022014_045127
Files moved on Reboot...
File move failed. C:\Users\doma\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a80c_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\doma\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395f8fd8a80c_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\doma\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\doma\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
Re: Prosím kontrolu, výrazné zpomalení pc
A log z RSIT :
Logfile of random's system information tool 1.08 (written by random/random)
Run by doma at 2014-06-02 04:55:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 40 GB (40%) free of 100 GB
Total RAM: 4095 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:56:00, on 2.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8418 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"taskhost.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {68B9F766-72F4-42A4-938A-16E90F45755B}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c70fe3cf-42f9-47df-bac1-0884aa31dd4c -SystemEventPortName:HostProcess-dc6ffcbe-40cd-488a-8c66-e82f9d83b897 -IoCancelEventPortName:HostProcess-7c8c70de-baba-4cc5-a289-46f0eef17741 -NonStateChangingEventPortName:HostProcess-b62de0d0-2c20-420b-941d-a15d66f1c14c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b639d9c5-db2b-4d83-bf47-b8a402aa5d21 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-497970392169368230115960005162134241639-130561182965008494-108818456-1627051973
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\doma\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-25 581824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-25 436600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-29 1269072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-26 3888648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2014-06-02 04:51:27 ----D---- C:\_OTM
2014-05-31 22:44:54 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-05-31 22:44:13 ----D---- C:\AdwCleaner
2014-05-31 21:16:02 ----D---- C:\rsit
2014-05-31 21:16:02 ----D---- C:\Program Files\trend micro
2014-05-29 16:30:54 ----A---- C:\Windows\unvise32.exe
2014-05-29 16:30:50 ----D---- C:\Program Files (x86)\LooksBuilderSE
2014-05-29 16:27:45 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2014-05-29 16:25:25 ----D---- C:\ProgramData\Studio 14
2014-05-29 16:25:25 ----D---- C:\ProgramData\Pinnacle Studio Plus
2014-05-29 16:21:18 ----D---- C:\ProgramData\Pinnacle
2014-05-29 16:21:18 ----D---- C:\Program Files (x86)\Pinnacle
2014-05-27 20:47:26 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-19 21:45:21 ----D---- C:\Program Files (x86)\SiteLookup
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 17:32:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-15 17:32:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-15 13:36:08 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 13:36:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 13:35:51 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 13:35:50 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 13:35:50 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 13:35:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 13:35:48 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 13:35:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 13:35:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\credssp.dll
2014-05-10 13:15:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-06 04:48:57 ----SD---- C:\Windows\system32\CompatTel
======List of files/folders modified in the last 1 months======
2014-06-02 04:54:40 ----D---- C:\Windows\Prefetch
2014-06-02 04:54:36 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2014-06-02 04:54:06 ----D---- C:\Windows\Temp
2014-06-02 04:53:30 ----D---- C:\ProgramData\NVIDIA
2014-06-02 04:53:01 ----D---- C:\Windows\system32\config
2014-06-02 04:51:28 ----D---- C:\Windows\Tasks
2014-06-02 04:51:27 ----RD---- C:\Program Files
2014-06-02 04:47:09 ----D---- C:\Windows\System32
2014-06-02 04:47:09 ----D---- C:\Windows\inf
2014-06-02 04:47:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-01 18:48:21 ----D---- C:\Program Files (x86)\The KMPlayer
2014-06-01 18:22:54 ----RD---- C:\Program Files (x86)
2014-05-31 22:55:24 ----D---- C:\Program Files (x86)\Battle.net
2014-05-31 22:46:23 ----D---- C:\Windows
2014-05-31 22:45:38 ----HD---- C:\ProgramData
2014-05-31 22:44:54 ----D---- C:\Windows\SysWOW64
2014-05-31 21:04:27 ----D---- C:\Windows\system32\wdi
2014-05-31 09:12:02 ----D---- C:\Windows\system32\catroot2
2014-05-30 16:02:32 ----D---- C:\Users\doma\AppData\Roaming\DAEMON Tools Lite
2014-05-30 09:28:25 ----SHD---- C:\System Volume Information
2014-05-29 16:32:19 ----SHD---- C:\Windows\Installer
2014-05-29 16:29:06 ----D---- C:\Windows\system32\DriverStore
2014-05-29 16:29:06 ----D---- C:\Windows\system32\catroot
2014-05-29 16:28:50 ----D---- C:\Windows\system32\drivers
2014-05-29 16:28:42 ----SD---- C:\Users\doma\AppData\Roaming\Microsoft
2014-05-29 16:28:42 ----D---- C:\Program Files (x86)\Common Files
2014-05-29 16:27:17 ----D---- C:\Windows\winsxs
2014-05-29 16:26:54 ----RSD---- C:\Windows\Fonts
2014-05-27 20:47:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-25 17:54:19 ----D---- C:\Windows\Logs
2014-05-25 17:54:19 ----D---- C:\Windows\debug
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-20 03:25:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvshext.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvmctray.dll
2014-05-18 10:07:33 ----D---- C:\Windows\rescache
2014-05-17 09:16:21 ----D---- C:\Windows\Microsoft.NET
2014-05-17 09:15:23 ----RSD---- C:\Windows\assembly
2014-05-15 20:22:46 ----D---- C:\Program Files (x86)\Diablo III
2014-05-15 18:44:14 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 17:32:44 ----D---- C:\ProgramData\Microsoft Help
2014-05-15 17:31:31 ----D---- C:\Windows\system32\MRT
2014-05-15 17:30:14 ----A---- C:\Windows\system32\MRT.exe
2014-05-13 21:51:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-11 10:43:15 ----D---- C:\Windows\system32\NDF
2014-05-11 10:38:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-06 20:58:54 ----D---- C:\Users\doma\AppData\Roaming\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-25 208416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-22 283064]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-25 79184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-20 4720616]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-25 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Logfile of random's system information tool 1.08 (written by random/random)
Run by doma at 2014-06-02 04:55:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 40 GB (40%) free of 100 GB
Total RAM: 4095 MB (69% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:56:00, on 2.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\trend micro\doma.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: KooBits 4.lnk = C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - Unknown owner - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8418 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"taskhost.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {68B9F766-72F4-42A4-938A-16E90F45755B}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c70fe3cf-42f9-47df-bac1-0884aa31dd4c -SystemEventPortName:HostProcess-dc6ffcbe-40cd-488a-8c66-e82f9d83b897 -IoCancelEventPortName:HostProcess-7c8c70de-baba-4cc5-a289-46f0eef17741 -NonStateChangingEventPortName:HostProcess-b62de0d0-2c20-420b-941d-a15d66f1c14c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:b639d9c5-db2b-4d83-bf47-b8a402aa5d21 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-497970392169368230115960005162134241639-130561182965008494-108818456-1627051973
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\doma\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-04-25 581824]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-04-25 436600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2013-12-10 1100248]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\doma\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-29 1269072]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-05-26 3888648]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
C:\Users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
KooBits 4.lnk - C:\Program Files (x86)\KooBits 4.0\KooBits 4.0.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2014-06-02 04:51:27 ----D---- C:\_OTM
2014-05-31 22:44:54 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-05-31 22:44:13 ----D---- C:\AdwCleaner
2014-05-31 21:16:02 ----D---- C:\rsit
2014-05-31 21:16:02 ----D---- C:\Program Files\trend micro
2014-05-29 16:30:54 ----A---- C:\Windows\unvise32.exe
2014-05-29 16:30:50 ----D---- C:\Program Files (x86)\LooksBuilderSE
2014-05-29 16:27:45 ----D---- C:\ProgramData\Pinnacle Studio Ultimate Collection
2014-05-29 16:25:25 ----D---- C:\ProgramData\Studio 14
2014-05-29 16:25:25 ----D---- C:\ProgramData\Pinnacle Studio Plus
2014-05-29 16:21:18 ----D---- C:\ProgramData\Pinnacle
2014-05-29 16:21:18 ----D---- C:\Program Files (x86)\Pinnacle
2014-05-27 20:47:26 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-27 20:42:41 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-27 20:42:41 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-27 20:42:40 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-19 21:45:21 ----D---- C:\Program Files (x86)\SiteLookup
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-15 17:32:50 ----A---- C:\Windows\system32\mshtml.dll
2014-05-15 17:32:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-15 17:32:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-15 13:36:08 ----A---- C:\Windows\system32\shell32.dll
2014-05-15 13:36:07 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aepdu.dll
2014-05-15 13:36:06 ----A---- C:\Windows\system32\aeinv.dll
2014-05-15 13:35:51 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-15 13:35:50 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-15 13:35:50 ----A---- C:\Windows\system32\winlogon.exe
2014-05-15 13:35:50 ----A---- C:\Windows\system32\kerberos.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\objsel.dll
2014-05-15 13:35:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-15 13:35:49 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\wdigest.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\schannel.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-15 13:35:48 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-15 13:35:48 ----A---- C:\Windows\system32\adprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-15 13:35:47 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\sspicli.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\secur32.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\lsass.exe
2014-05-15 13:35:47 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-15 13:35:47 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-15 13:35:47 ----A---- C:\Windows\system32\credssp.dll
2014-05-10 13:15:08 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-06 04:48:57 ----SD---- C:\Windows\system32\CompatTel
======List of files/folders modified in the last 1 months======
2014-06-02 04:54:40 ----D---- C:\Windows\Prefetch
2014-06-02 04:54:36 ----D---- C:\Users\doma\AppData\Roaming\uTorrent
2014-06-02 04:54:06 ----D---- C:\Windows\Temp
2014-06-02 04:53:30 ----D---- C:\ProgramData\NVIDIA
2014-06-02 04:53:01 ----D---- C:\Windows\system32\config
2014-06-02 04:51:28 ----D---- C:\Windows\Tasks
2014-06-02 04:51:27 ----RD---- C:\Program Files
2014-06-02 04:47:09 ----D---- C:\Windows\System32
2014-06-02 04:47:09 ----D---- C:\Windows\inf
2014-06-02 04:47:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-01 18:48:21 ----D---- C:\Program Files (x86)\The KMPlayer
2014-06-01 18:22:54 ----RD---- C:\Program Files (x86)
2014-05-31 22:55:24 ----D---- C:\Program Files (x86)\Battle.net
2014-05-31 22:46:23 ----D---- C:\Windows
2014-05-31 22:45:38 ----HD---- C:\ProgramData
2014-05-31 22:44:54 ----D---- C:\Windows\SysWOW64
2014-05-31 21:04:27 ----D---- C:\Windows\system32\wdi
2014-05-31 09:12:02 ----D---- C:\Windows\system32\catroot2
2014-05-30 16:02:32 ----D---- C:\Users\doma\AppData\Roaming\DAEMON Tools Lite
2014-05-30 09:28:25 ----SHD---- C:\System Volume Information
2014-05-29 16:32:19 ----SHD---- C:\Windows\Installer
2014-05-29 16:29:06 ----D---- C:\Windows\system32\DriverStore
2014-05-29 16:29:06 ----D---- C:\Windows\system32\catroot
2014-05-29 16:28:50 ----D---- C:\Windows\system32\drivers
2014-05-29 16:28:42 ----SD---- C:\Users\doma\AppData\Roaming\Microsoft
2014-05-29 16:28:42 ----D---- C:\Program Files (x86)\Common Files
2014-05-29 16:27:17 ----D---- C:\Windows\winsxs
2014-05-29 16:26:54 ----RSD---- C:\Windows\Fonts
2014-05-27 20:47:35 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-25 17:54:19 ----D---- C:\Windows\Logs
2014-05-25 17:54:19 ----D---- C:\Windows\debug
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-20 03:25:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvshext.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvmctray.dll
2014-05-18 10:07:33 ----D---- C:\Windows\rescache
2014-05-17 09:16:21 ----D---- C:\Windows\Microsoft.NET
2014-05-17 09:15:23 ----RSD---- C:\Windows\assembly
2014-05-15 20:22:46 ----D---- C:\Program Files (x86)\Diablo III
2014-05-15 18:44:14 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 17:32:44 ----D---- C:\ProgramData\Microsoft Help
2014-05-15 17:31:31 ----D---- C:\Windows\system32\MRT
2014-05-15 17:30:14 ----A---- C:\Windows\system32\MRT.exe
2014-05-13 21:51:37 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-11 10:43:15 ----D---- C:\Windows\system32\NDF
2014-05-11 10:38:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-06 20:58:54 ----D---- C:\Users\doma\AppData\Roaming\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-04-25 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-04-25 208416]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-04-25 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-05-15 1039096]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-05-15 423240]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-22 283064]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-04-25 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-04-25 79184]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-12-20 4720616]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-05-15 85328]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-04-25 50344]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-20 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-10 119408]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-27 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu, výrazné zpomalení pc
Log je již OK. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím kontrolu, výrazné zpomalení pc
Hotovo. Změna? : Mozilla se neseká a jede dvakrát rychleji a pc se zapne o 200% rychleji.
Perfekt. Moc děkuji
Dle provedených kroku tipuji že jsem měl prostě jen zaprasený pc ??! Jak se tomu vyvarovat ? Vydím že ccleaner jen nestačí.
Mám avast a comodo firewall.
Perfekt. Moc děkuji
Dle provedených kroku tipuji že jsem měl prostě jen zaprasený pc ??! Jak se tomu vyvarovat ? Vydím že ccleaner jen nestačí.
Mám avast a comodo firewall.
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím kontrolu, výrazné zpomalení pc
Byl tam i jeden trojan (rchnewver.dll) a pak jste si vlastní nepozorností nainstaloval McAfee security scan (je nabízen při updatu flashplayeru - stačí v druhém okně zrušit zatržítko a nenainstaluje se). Chce to jen trochu pozornosti. jainak tam byly běžné věci, které odstraní i CCleaner. Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?