Virus removal, PC speed-up, and remote help via the neslape.cz service

Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.


#1 Post by Sezy »

Hello, while I'm at it, I'd also like to ask for a check of my second PC. A BSOD pops up from time to time, although not for a long while lately. Otherwise probably no problems. (The last time it was some problem while viewing a particular blog in IE, related to graphics.)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tracy at 2014-11-01 13:45:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 35 GB (13%) free of 262 GB
Total RAM: 4086 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:45:51, on 1.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\Tracy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.daum.net/search?nil_profi ... de=ms&q=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C031146-48DA-4F89-A799-3824B3BCDCFE}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A13B1A6-56BB-4840-8153-D2FCD98D48D9}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C031146-48DA-4F89-A799-3824B3BCDCFE}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C031146-48DA-4F89-A799-3824B3BCDCFE}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7861 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DellTPad\Apoint.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-379438187-66016421-1639295438-436794062374504610410206197-1126074121859465792
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\WLTRAY.EXE"
"C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"taskhost.exe"
C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe -Embedding
"C:\Program Files\Internet Explorer\iexplore.exe" https://www.facebook.com/

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:18804 CREDAT:3872127 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:18804 CREDAT:3085716 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:18804 CREDAT:3740939 /prefetch:2
"C:\Program Files (x86)\QIP 2012\qip.exe" /isolated
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cmdupd.exe" -Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMerger -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:18804 CREDAT:19142064 /prefetch:2
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Tracy\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-11-09 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-11-09 210856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-28 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-28 170416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-04-05 384296]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2007-08-07 1683456]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [2008-02-15 425984]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil64_15_0_0_167_ActiveX.exe [2014-09-23 540336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "%1" /S "%3"

======List of files/folders created in the last 1 month======

2014-11-01 13:45:29 ----D---- C:\Program Files\trend micro
2014-11-01 13:45:28 ----D---- C:\rsit
2014-10-15 19:37:58 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-15 19:37:58 ----A---- C:\Windows\system32\qdvd.dll
2014-10-15 19:37:52 ----A---- C:\Windows\system32\msi.dll
2014-10-15 19:37:51 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 19:37:40 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-10-15 19:37:40 ----A---- C:\Windows\system32\tzres.dll
2014-10-15 19:37:21 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 19:37:20 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 06:43:24 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 06:43:24 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 06:43:24 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 06:43:23 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 06:43:21 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 06:43:20 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 06:43:20 ----A---- C:\Windows\system32\mf.dll
2014-10-15 06:43:19 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 06:43:19 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 06:43:18 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 06:43:18 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 06:43:17 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 06:43:17 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 06:43:17 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 06:43:17 ----A---- C:\Windows\system32\ci.dll
2014-10-15 06:43:16 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 06:43:16 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 06:43:16 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 06:43:16 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 06:43:16 ----A---- C:\Windows\system32\winload.exe
2014-10-15 06:43:16 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 06:43:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 06:43:16 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 06:43:16 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 06:43:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 06:43:15 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 06:43:15 ----A---- C:\Windows\system32\evr.dll
2014-10-15 06:43:15 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 06:43:15 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 06:43:15 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 06:43:14 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 06:43:14 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 06:43:14 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 06:43:14 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 06:43:13 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 06:43:13 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 06:43:13 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 06:43:12 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 06:43:12 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 06:43:12 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 06:43:11 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 06:43:11 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 06:43:11 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 06:43:11 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 06:43:11 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 06:43:11 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 06:43:11 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 06:43:10 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 06:43:10 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 06:43:10 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 06:43:09 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 06:43:09 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 06:43:08 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 06:43:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 06:43:08 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 06:43:08 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 06:43:08 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 06:43:08 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 06:43:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 06:43:06 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 06:43:06 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 06:43:06 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 06:43:06 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 06:43:06 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 06:43:06 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 06:43:06 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 06:43:06 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 06:43:05 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 06:42:21 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 06:42:17 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 06:42:17 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 06:42:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 06:42:17 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 06:42:17 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 06:42:17 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 06:41:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 06:41:57 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 06:41:57 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 06:41:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 06:41:56 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 06:41:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 06:41:55 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 06:41:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 06:41:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 06:41:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 06:41:53 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 06:41:53 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 06:41:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 06:41:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 06:41:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 06:41:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 06:41:51 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 06:41:51 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 06:41:51 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 06:41:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 06:41:50 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 06:41:50 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 06:41:49 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 06:41:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 06:41:49 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 06:41:48 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 06:41:42 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 06:41:42 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 06:41:42 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 06:41:40 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 06:41:40 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 06:41:40 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 06:41:39 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 06:41:39 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 06:41:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 06:41:38 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 06:38:49 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 06:38:24 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 06:38:24 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 06:38:13 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 06:38:12 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 06:38:11 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 06:38:11 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 06:38:11 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 06:38:10 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 06:38:10 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 06:38:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 06:38:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 06:38:09 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 06:38:09 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 06:36:50 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 06:36:50 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-01 13:45:29 ----D---- C:\Program Files
2014-11-01 13:43:13 ----D---- C:\Users\Tracy\AppData\Roaming\Skype
2014-11-01 09:16:06 ----D---- C:\Users\Tracy\AppData\Roaming\MediaMonkey
2014-10-31 16:24:44 ----D---- C:\Windows\system32\config
2014-10-29 00:07:24 ----D---- C:\Windows\System32
2014-10-29 00:07:24 ----D---- C:\Windows\inf
2014-10-29 00:07:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-29 00:05:46 ----D---- C:\Windows\Temp
2014-10-28 16:25:36 ----D---- C:\Program Files\CCleaner
2014-10-28 12:00:51 ----SHD---- C:\System Volume Information
2014-10-28 12:00:10 ----D---- C:\Windows\rescache
2014-10-24 21:20:49 ----D---- C:\Program Files (x86)\MediaMonkey
2014-10-20 10:46:38 ----D---- C:\Users\Tracy\AppData\Roaming\TeamViewer
2014-10-17 07:06:01 ----D---- C:\Windows\Microsoft.NET
2014-10-17 06:09:03 ----D---- C:\Windows\system32\wdi
2014-10-16 22:18:59 ----RSD---- C:\Windows\assembly
2014-10-16 08:19:59 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-15 21:49:15 ----D---- C:\Windows\system32\catroot2
2014-10-15 20:57:58 ----D---- C:\Windows\winsxs
2014-10-15 20:57:37 ----SHD---- C:\Boot
2014-10-15 20:56:41 ----D---- C:\Windows
2014-10-15 20:51:59 ----D---- C:\Windows\SysWOW64
2014-10-15 20:51:58 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 20:51:58 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 20:51:58 ----D---- C:\Program Files\Windows Media Player
2014-10-15 20:51:58 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 20:51:57 ----D---- C:\Windows\system32\en-US
2014-10-15 20:51:57 ----D---- C:\Windows\system32\drivers
2014-10-15 20:51:57 ----D---- C:\Windows\system32\Dism
2014-10-15 20:51:57 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 20:51:56 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 20:51:56 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 20:51:56 ----D---- C:\Windows\system32\Boot
2014-10-15 20:51:56 ----D---- C:\Program Files\Internet Explorer
2014-10-15 20:51:55 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 20:10:13 ----SHD---- C:\Windows\Installer
2014-10-15 19:41:07 ----D---- C:\Windows\system32\MRT
2014-10-15 19:41:05 ----D---- C:\Windows\debug
2014-10-15 19:40:38 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 19:37:25 ----D---- C:\Windows\system32\catroot
2014-10-12 21:27:46 ----D---- C:\Users\Tracy\AppData\Roaming\PhotoScape
2014-10-12 21:27:41 ----D---- C:\Users\Tracy\AppData\Roaming\uTorrent
2014-10-07 07:04:44 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2009-07-16 30080]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2007-03-19 55808]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2007-07-26 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2007-07-27 57856]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-04-15 301688]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-07 2769400]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt64.sys [2008-02-15 393216]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe [2007-09-20 86016]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-03-15 31744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 STacSV;SigmaTel Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe [2008-02-15 122880]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-16 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-28 119408]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-26 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a preventive check

#2 Post by Márty84 »

:???: Do you recognize these IP addresses? 156.154.70.22,156.154.71.22


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (it can also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.


Look in the folder C:\Windows\Minidump . If there is a file there, upload it, for example to Letecká pošta http://leteckaposta.cz/ , and post the download link here.
If you have a question that is not meant for the public, you can email me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an email address in their signature).

Sezy
Visitor
Posts: 89
Registered: 06 Apr 2007 21:05

Re: requesting a preventive check

#3 Post by Sezy »

Márty84 wrote: :???: Do you recognize these IP addresses? 156.154.70.22,156.154.71.22
I don't know whether I know them, how do I find out?

Márty84 wrote: Look in the folder C:\Windows\Minidump . If there is a file there, upload it, for example to Letecká pošta http://leteckaposta.cz/ , and post the download link here.
the folder is empty

Driver Booster was installed after the RSIT log; I mentioned it in the other thread about the second PC. I forgot to uninstall it before this test, but it's gone now ;-)

# AdwCleaner v3.311 - Report created 01/11/2014 at 18:07:18
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Tracy - TRACY-PC
# Running from : C:\Users\Tracy\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Users\Tracy\AppData\Local\Babylon
Folder Deleted : C:\Users\Tracy\AppData\Roaming\Babylon

***** [ Scheduled Tasks ] *****

Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Tencent
Key Deleted : HKLM\SOFTWARE\Uniblue

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


*************************

AdwCleaner[R0].txt - [2412 octets] - [01/11/2014 18:05:52]
AdwCleaner[S0].txt - [2122 octets] - [01/11/2014 18:07:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2182 octets] ##########

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a preventive check

#4 Post by Márty84 »

Sezy wrote: I don't know whether I know them, how do I find out?
Those IPs should be fine, they belong to Comodo.

Sezy wrote: the folder is empty
If a BSOD occurs, a file with information about what caused it should appear in that folder. However, CCleaner and other cleaners delete those files, so if a crash happens, don't delete it before you upload the file somewhere.

Sezy wrote: Driver Booster was installed after the RSIT log; I mentioned it in the other thread about the second PC. I forgot to uninstall it before this test, but it's gone now ;-)
You see, even the program treats it as a pest
Sezy wrote: Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update


:arrow: Run a scan with MBAM here as well. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Don't delete anything beforehand; it sometimes has false detections.

Sezy
Visitor
Posts: 89
Registered: 06 Apr 2007 21:05

Re: requesting a preventive check

#5 Post by Sezy »

Márty84 wrote: If a BSOD occurs, a file with information about what caused it should appear in that folder. However, CCleaner and other cleaners delete those files, so if a crash happens, don't delete it before you upload the file somewhere.
okay, I'll remember that; when it happens, you'll have me here in a flash :-D

Márty84 wrote: You see, even the program treats it as a pest
yep, I noticed, that's why I commented on it =)


MBAM found nothing

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 2.11.2014
Scan Time: 9:29:07
Logfile: log.txt
Administrator: Yes

Version: 2.00.3.1025
Malware Database: v2014.11.02.03
Rootkit Database: v2014.11.01.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tracy

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 570122
Time Elapsed: 2 hr, 41 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a preventive check

#6 Post by Márty84 »

:D all right, hopefully it won't happen again, but if it does, I'll be looking forward to seeing you here :wink:


:arrow: Uninstall MBAM.


:arrow: Post a new RSIT log and we'll clean things up a bit.

Sezy
Visitor
Posts: 89
Registered: 06 Apr 2007 21:05

Re: requesting a preventive check

#7 Post by Sezy »

yeah, I also always hope I won't have to chat with the advisers again :-D

new RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tracy at 2014-11-02 17:00:25
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (10%) free of 262 GB
Total RAM: 4086 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:00:52, on 2.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\LibreOffice 3.4\program\swriter.exe
C:\Program Files (x86)\LibreOffice 3.4\program\soffice.exe
C:\Program Files (x86)\LibreOffice 3.4\program\soffice.bin
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Tracy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.daum.net/search?nil_profi ... de=ms&q=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C031146-48DA-4F89-A799-3824B3BCDCFE}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A13B1A6-56BB-4840-8153-D2FCD98D48D9}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C031146-48DA-4F89-A799-3824B3BCDCFE}: NameServer = 156.154.70.22,156.154.71.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C031146-48DA-4F89-A799-3824B3BCDCFE}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7334 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Windows\System32\WLTRAY.EXE"
"C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe"
"C:\Program Files\COMODO\COMODO Internet Security\cistray.exe"
"C:\Windows\System32\StikyNot.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-19461020871797943185484817982-1897978580454833399360540409-1063418393-2061321728
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"taskhost.exe"
"C:\Program Files (x86)\LibreOffice 3.4\program\swriter.exe" -o "C:\Users\Tracy\Documents\sbor\PSS\zbytek\zájezd Japonsko\Pokyny_pro_zájezd_do_Japonska.odt"
"C:\Program Files (x86)\LibreOffice 3.4\program\swriter.exe" -o "C:\Users\Tracy\Documents\sbor\PSS\zbytek\zájezd Japonsko\Pokyny_pro_zájezd_do_Japonska.odt" -writer
"C:\Program Files (x86)\LibreOffice 3.4\program\swriter.exe" "-o" "C:\Users\Tracy\Documents\sbor\PSS\zbytek\zájezd Japonsko\Pokyny_pro_zájezd_do_Japonska.odt" "-writer" "-env:OOO_CWD=2C:\\Users\\Tracy\\Documents\\sbor\\PSS\\zbytek\\zájezd Japonsko"
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Opera\opera.exe"

"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
taskeng.exe {ECC4A242-E063-4E09-92E8-650F10928FA8}
"C:\Users\Tracy\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-11-01 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-01 211880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 363544]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-04-05 384296]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2007-08-07 1683456]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray64.exe [2008-02-15 425984]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25 1275608]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-04-27 113288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 261120]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "%1" /S "%3"

======List of files/folders created in the last 1 month======

2014-11-02 09:26:46 ----D---- C:\ProgramData\Malwarebytes
2014-11-01 18:05:49 ----D---- C:\AdwCleaner
2014-11-01 14:57:36 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2014-11-01 14:57:36 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2014-11-01 14:57:35 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2014-11-01 14:57:35 ----A---- C:\Windows\system32\XAudio2_7.dll
2014-11-01 14:57:34 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2014-11-01 14:57:34 ----A---- C:\Windows\system32\xactengine3_7.dll
2014-11-01 14:57:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-11-01 14:57:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2014-11-01 14:57:31 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2014-11-01 14:57:31 ----A---- C:\Windows\system32\d3dcsx_43.dll
2014-11-01 14:57:29 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2014-11-01 14:57:29 ----A---- C:\Windows\system32\d3dx11_43.dll
2014-11-01 14:57:28 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2014-11-01 14:57:28 ----A---- C:\Windows\system32\d3dx10_43.dll
2014-11-01 14:57:27 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-11-01 14:57:27 ----A---- C:\Windows\system32\D3DX9_43.dll
2014-11-01 14:57:24 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2014-11-01 14:57:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2014-11-01 14:57:24 ----A---- C:\Windows\system32\XAudio2_6.dll
2014-11-01 14:57:24 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2014-11-01 14:57:22 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2014-11-01 14:57:22 ----A---- C:\Windows\system32\xactengine3_6.dll
2014-11-01 14:57:21 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2014-11-01 14:57:21 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2014-11-01 14:57:19 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2014-11-01 14:57:19 ----A---- C:\Windows\system32\XAudio2_5.dll
2014-11-01 14:57:16 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2014-11-01 14:57:16 ----A---- C:\Windows\system32\xactengine3_5.dll
2014-11-01 14:57:15 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2014-11-01 14:57:15 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2014-11-01 14:57:13 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2014-11-01 14:57:13 ----A---- C:\Windows\system32\d3dcsx_42.dll
2014-11-01 14:57:12 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2014-11-01 14:57:12 ----A---- C:\Windows\system32\d3dx11_42.dll
2014-11-01 14:57:10 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2014-11-01 14:57:10 ----A---- C:\Windows\system32\d3dx10_42.dll
2014-11-01 14:57:09 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2014-11-01 14:57:09 ----A---- C:\Windows\system32\D3DX9_42.dll
2014-11-01 14:57:08 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2014-11-01 14:57:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2014-11-01 14:57:08 ----A---- C:\Windows\system32\d3dx10_41.dll
2014-11-01 14:57:08 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2014-11-01 14:57:06 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2014-11-01 14:57:06 ----A---- C:\Windows\system32\D3DX9_41.dll
2014-11-01 14:57:04 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2014-11-01 14:57:04 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2014-11-01 14:57:04 ----A---- C:\Windows\system32\XAudio2_4.dll
2014-11-01 14:57:04 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2014-11-01 14:57:01 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2014-11-01 14:57:01 ----A---- C:\Windows\system32\xactengine3_4.dll
2014-11-01 14:57:00 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2014-11-01 14:57:00 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2014-11-01 14:56:58 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2014-11-01 14:56:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2014-11-01 14:56:58 ----A---- C:\Windows\system32\d3dx10_40.dll
2014-11-01 14:56:58 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2014-11-01 14:56:57 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2014-11-01 14:56:57 ----A---- C:\Windows\system32\D3DX9_40.dll
2014-11-01 14:56:55 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2014-11-01 14:56:55 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2014-11-01 14:56:55 ----A---- C:\Windows\system32\XAudio2_3.dll
2014-11-01 14:56:55 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2014-11-01 14:56:53 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2014-11-01 14:56:53 ----A---- C:\Windows\system32\xactengine3_3.dll
2014-11-01 14:56:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2014-11-01 14:56:51 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2014-11-01 14:56:49 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2014-11-01 14:56:49 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2014-11-01 14:56:49 ----A---- C:\Windows\system32\XAudio2_2.dll
2014-11-01 14:56:49 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2014-11-01 14:56:47 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2014-11-01 14:56:47 ----A---- C:\Windows\system32\xactengine3_2.dll
2014-11-01 14:56:45 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2014-11-01 14:56:45 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2014-11-01 14:56:45 ----A---- C:\Windows\system32\d3dx10_39.dll
2014-11-01 14:56:45 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2014-11-01 14:56:44 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2014-11-01 14:56:44 ----A---- C:\Windows\system32\D3DX9_39.dll
2014-11-01 14:56:42 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2014-11-01 14:56:42 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2014-11-01 14:56:42 ----A---- C:\Windows\system32\XAudio2_1.dll
2014-11-01 14:56:42 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2014-11-01 14:56:40 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2014-11-01 14:56:40 ----A---- C:\Windows\system32\xactengine3_1.dll
2014-11-01 14:56:38 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2014-11-01 14:56:38 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2014-11-01 14:56:37 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2014-11-01 14:56:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2014-11-01 14:56:37 ----A---- C:\Windows\system32\d3dx10_38.dll
2014-11-01 14:56:37 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2014-11-01 14:56:35 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2014-11-01 14:56:35 ----A---- C:\Windows\system32\D3DX9_38.dll
2014-11-01 14:56:33 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2014-11-01 14:56:33 ----A---- C:\Windows\system32\XAudio2_0.dll
2014-11-01 14:56:31 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2014-11-01 14:56:31 ----A---- C:\Windows\system32\xactengine3_0.dll
2014-11-01 14:56:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2014-11-01 14:56:30 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2014-11-01 14:56:29 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2014-11-01 14:56:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2014-11-01 14:56:29 ----A---- C:\Windows\system32\d3dx10_37.dll
2014-11-01 14:56:29 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2014-11-01 14:56:28 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2014-11-01 14:56:28 ----A---- C:\Windows\system32\D3DX9_37.dll
2014-11-01 14:56:25 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-11-01 14:56:25 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-11-01 14:56:22 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-11-01 14:56:22 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-11-01 14:56:22 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-11-01 14:56:22 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-11-01 14:56:21 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-11-01 14:56:21 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-11-01 14:56:18 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-11-01 14:56:18 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-11-01 14:56:17 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-11-01 14:56:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-11-01 14:56:17 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-11-01 14:56:17 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-11-01 14:56:16 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-11-01 14:56:16 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-11-01 14:56:13 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-11-01 14:56:13 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-11-01 14:56:13 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-11-01 14:56:13 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-11-01 14:56:12 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-11-01 14:56:12 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-11-01 14:56:12 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-11-01 14:56:12 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-11-01 14:56:11 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-11-01 14:56:11 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-11-01 14:56:09 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-11-01 14:56:09 ----A---- C:\Windows\system32\xinput1_3.dll
2014-11-01 14:56:07 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-11-01 14:56:07 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-11-01 14:56:06 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-11-01 14:56:06 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-11-01 14:56:06 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-11-01 14:56:06 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-11-01 14:56:05 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-11-01 14:56:05 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-11-01 14:56:02 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-11-01 14:56:02 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-11-01 14:56:00 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-11-01 14:56:00 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-11-01 14:55:59 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-11-01 14:55:59 ----A---- C:\Windows\system32\d3dx10.dll
2014-11-01 14:55:58 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-11-01 14:55:58 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-11-01 14:55:55 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-11-01 14:55:55 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-11-01 14:55:55 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-11-01 14:55:55 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-11-01 14:55:54 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-11-01 14:55:54 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-11-01 14:55:52 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-11-01 14:55:52 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-11-01 14:55:51 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-11-01 14:55:51 ----A---- C:\Windows\system32\xinput1_2.dll
2014-11-01 14:55:48 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-11-01 14:55:48 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-11-01 14:55:47 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-11-01 14:55:47 ----A---- C:\Windows\system32\xinput1_1.dll
2014-11-01 14:55:44 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-11-01 14:55:44 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-11-01 14:55:30 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-11-01 14:55:30 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-11-01 14:55:25 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-11-01 14:55:25 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-11-01 14:55:25 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-11-01 14:55:25 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-11-01 14:55:23 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-11-01 14:55:23 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-11-01 14:55:21 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-11-01 14:55:21 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-11-01 14:55:19 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-11-01 14:55:19 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-11-01 14:55:18 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-11-01 14:55:18 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-11-01 14:55:17 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-11-01 14:55:17 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-11-01 14:55:14 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-11-01 14:55:14 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-11-01 14:53:22 ----A---- C:\Windows\system32\javaws.exe
2014-11-01 14:53:02 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-01 14:53:02 ----A---- C:\Windows\system32\javaw.exe
2014-11-01 14:53:02 ----A---- C:\Windows\system32\java.exe
2014-11-01 14:51:14 ----SHD---- C:\Config.Msi
2014-11-01 14:50:09 ----A---- C:\Windows\system32\drivers\iaStor.sys
2014-11-01 14:30:16 ----D---- C:\ProgramData\ProductData
2014-11-01 14:28:11 ----D---- C:\ProgramData\IObit
2014-11-01 14:27:55 ----D---- C:\Users\Tracy\AppData\Roaming\IObit
2014-11-01 13:45:29 ----D---- C:\Program Files\trend micro
2014-11-01 13:45:28 ----D---- C:\rsit
2014-10-15 19:37:58 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2014-10-15 19:37:58 ----A---- C:\Windows\system32\qdvd.dll
2014-10-15 19:37:52 ----A---- C:\Windows\system32\msi.dll
2014-10-15 19:37:51 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 19:37:40 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-10-15 19:37:40 ----A---- C:\Windows\system32\tzres.dll
2014-10-15 19:37:21 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 19:37:20 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 06:43:24 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 06:43:24 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 06:43:24 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 06:43:23 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 06:43:21 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 06:43:20 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 06:43:20 ----A---- C:\Windows\system32\mf.dll
2014-10-15 06:43:19 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 06:43:19 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 06:43:18 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 06:43:18 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 06:43:17 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 06:43:17 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 06:43:17 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 06:43:17 ----A---- C:\Windows\system32\ci.dll
2014-10-15 06:43:16 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 06:43:16 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 06:43:16 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 06:43:16 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 06:43:16 ----A---- C:\Windows\system32\winload.exe
2014-10-15 06:43:16 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 06:43:16 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 06:43:16 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 06:43:16 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 06:43:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 06:43:15 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 06:43:15 ----A---- C:\Windows\system32\evr.dll
2014-10-15 06:43:15 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 06:43:15 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 06:43:15 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 06:43:14 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 06:43:14 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 06:43:14 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 06:43:14 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 06:43:14 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 06:43:13 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 06:43:13 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 06:43:13 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 06:43:12 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 06:43:12 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 06:43:12 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 06:43:11 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 06:43:11 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 06:43:11 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 06:43:11 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 06:43:11 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 06:43:11 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 06:43:11 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 06:43:10 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 06:43:10 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 06:43:10 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 06:43:09 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 06:43:09 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 06:43:08 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 06:43:08 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 06:43:08 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 06:43:08 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 06:43:08 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 06:43:08 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 06:43:07 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 06:43:06 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 06:43:06 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 06:43:06 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 06:43:06 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 06:43:06 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 06:43:06 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 06:43:06 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 06:43:06 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 06:43:05 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 06:42:21 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 06:42:17 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 06:42:17 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 06:42:17 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 06:42:17 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 06:42:17 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 06:42:17 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 06:41:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 06:41:57 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 06:41:57 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 06:41:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 06:41:56 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 06:41:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 06:41:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 06:41:55 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 06:41:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 06:41:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 06:41:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 06:41:53 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 06:41:53 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 06:41:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 06:41:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 06:41:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 06:41:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 06:41:51 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 06:41:51 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 06:41:51 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 06:41:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 06:41:50 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 06:41:50 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 06:41:49 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 06:41:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 06:41:49 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 06:41:48 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 06:41:48 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 06:41:42 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 06:41:42 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 06:41:42 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 06:41:41 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 06:41:40 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 06:41:40 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 06:41:40 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 06:41:39 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 06:41:39 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 06:41:38 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 06:41:38 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 06:38:49 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 06:38:24 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 06:38:24 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 06:38:13 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 06:38:12 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 06:38:11 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 06:38:11 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 06:38:11 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 06:38:10 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 06:38:10 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 06:38:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 06:38:09 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 06:38:09 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 06:38:09 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 06:36:50 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 06:36:50 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-02 17:00:43 ----D---- C:\Windows\Prefetch
2014-11-02 16:59:26 ----D---- C:\Windows\system32\drivers
2014-11-02 16:59:22 ----RD---- C:\Program Files (x86)
2014-11-02 15:26:57 ----D---- C:\Users\Tracy\AppData\Roaming\Skype
2014-11-02 13:25:51 ----SHD---- C:\System Volume Information
2014-11-02 09:27:12 ----D---- C:\Windows\Temp
2014-11-02 09:26:46 ----HD---- C:\ProgramData
2014-11-02 09:19:30 ----D---- C:\Windows\system32\config
2014-11-01 18:12:47 ----D---- C:\Windows\System32
2014-11-01 18:12:47 ----D---- C:\Windows\inf
2014-11-01 18:12:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-01 18:12:31 ----D---- C:\Windows\Tasks
2014-11-01 18:07:22 ----D---- C:\Windows\system32\Tasks
2014-11-01 14:57:36 ----D---- C:\Windows\SysWOW64
2014-11-01 14:55:44 ----RSD---- C:\Windows\assembly
2014-11-01 14:55:34 ----D---- C:\Windows\Microsoft.NET
2014-11-01 14:55:16 ----D---- C:\Windows
2014-11-01 14:54:27 ----D---- C:\Windows\Logs
2014-11-01 14:54:05 ----D---- C:\Windows\SoftwareDistribution
2014-11-01 14:53:46 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-01 14:53:22 ----SHD---- C:\Windows\Installer
2014-11-01 14:51:54 ----D---- C:\Program Files (x86)\Common Files
2014-11-01 14:50:15 ----D---- C:\Windows\system32\catroot
2014-11-01 14:50:10 ----D---- C:\Windows\system32\DriverStore
2014-11-01 14:34:30 ----D---- C:\Users\Tracy\AppData\Roaming\MediaMonkey
2014-11-01 13:45:29 ----D---- C:\Program Files
2014-10-28 16:25:36 ----D---- C:\Program Files\CCleaner
2014-10-28 12:00:10 ----D---- C:\Windows\rescache
2014-10-24 21:20:49 ----D---- C:\Program Files (x86)\MediaMonkey
2014-10-20 10:46:38 ----D---- C:\Users\Tracy\AppData\Roaming\TeamViewer
2014-10-17 06:09:03 ----D---- C:\Windows\system32\wdi
2014-10-15 21:49:15 ----D---- C:\Windows\system32\catroot2
2014-10-15 20:57:58 ----D---- C:\Windows\winsxs
2014-10-15 20:57:37 ----SHD---- C:\Boot
2014-10-15 20:51:58 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 20:51:58 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 20:51:58 ----D---- C:\Program Files\Windows Media Player
2014-10-15 20:51:58 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 20:51:57 ----D---- C:\Windows\system32\en-US
2014-10-15 20:51:57 ----D---- C:\Windows\system32\Dism
2014-10-15 20:51:57 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 20:51:56 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 20:51:56 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 20:51:56 ----D---- C:\Windows\system32\Boot
2014-10-15 20:51:56 ----D---- C:\Program Files\Internet Explorer
2014-10-15 20:51:55 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 19:54:16 ----D---- C:\Windows\system32\MRT
2014-10-15 19:41:05 ----D---- C:\Windows\debug
2014-10-15 19:40:38 ----A---- C:\Windows\system32\MRT.exe
2014-10-12 21:27:46 ----D---- C:\Users\Tracy\AppData\Roaming\PhotoScape
2014-10-12 21:27:41 ----D---- C:\Users\Tracy\AppData\Roaming\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2014-11-01 438808]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2014-04-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS [2009-07-16 30080]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimspx64.sys [2007-07-26 55296]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdpx64.sys [2007-07-27 57856]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-04-15 301688]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-07 2769400]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-23 6180832]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt64.sys [2008-02-15 393216]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2007-03-19 55808]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-04-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-04-27 184968]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\AESTSr64.exe [2007-09-20 86016]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2014-04-16 6817544]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 STacSV;SigmaTel Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_295b5b4710f6d77b\STacSV64.exe [2008-02-15 122880]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-03-15 31744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-01 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2014-03-25 2264280]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-28 119408]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-26 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: please do a preventive check

#8 Post by Márty84 »

Well, I think you are certainly not the only one :D


If Avast complains that it wants to open it in the sandbox, do not allow it! Choose the option Open normally.
Download OTM from http://oldtimer.geekstogo.com/OTM.exe and save it, preferably to the desktop.
Right-click it and then left-click Run as administrator.
Copy this script into the left window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
SkypeUpdate
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\ProgramData\Malwarebytes
C:\ProgramData\IObit
C:\Users\Tracy\AppData\Roaming\IObit

:reg
[HKCU\Software\Microsoft\Internet Explorer\SearchURL]
"(Default)"=""

Click MoveIt and let the program work. When asked about a restart, agree.
After the restart, post here the log that pops up, or it will be located at C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (in place of the x's there will be digits representing the date and time of the run).

If you have a question that is not meant for the public, you can write to me by e-mail at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Sezy
Visitor
Posts: 89
Registered: 06 Apr 2007 21:05

Re: please do a preventive check

#9 Post by Sezy »

So that's actually a terribly sad hobby you have. Everyone hopes they will never run into you again :-D

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Tracy
->Temp folder emptied: 2780654 bytes
->Temporary Internet Files folder emptied: 176352215 bytes
->Java cache emptied: 11774789 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 12059 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 8842878 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 740 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 78213 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 736 bytes
RecycleBin emptied: 700400 bytes

Total Files Cleaned = 191,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Tracy
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File move failed. C:\Windows\system32\DriverStore\Temp\{1a62ba58-9748-01a4-f729-f27305e1b107}\SET6289.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{1fb904f7-951a-582f-5c6a-550713498214}\SETAFDD.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{47f5dcf9-809d-5110-f298-7505401c2e14}\SET65A4.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{516b5d0a-f6e7-1d14-c891-ed0841639209}\SETAB7A.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{6a267111-263c-1936-04b6-6c3182755332}\SETA707.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{7ed69fa1-b004-52a7-f77f-673af01f391d}\SETB3D3.tmp scheduled to be moved on reboot.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration folder moved successfully.
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware folder moved successfully.
C:\ProgramData\Malwarebytes folder moved successfully.
C:\ProgramData\IObit\Driver Booster\License folder moved successfully.
C:\ProgramData\IObit\Driver Booster\Download folder moved successfully.
C:\ProgramData\IObit\Driver Booster folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
C:\Users\Tracy\AppData\Roaming\IObit\Driver Booster\Logs\Scan folder moved successfully.
C:\Users\Tracy\AppData\Roaming\IObit\Driver Booster\Logs\Main folder moved successfully.
C:\Users\Tracy\AppData\Roaming\IObit\Driver Booster\Logs\Install folder moved successfully.
C:\Users\Tracy\AppData\Roaming\IObit\Driver Booster\Logs folder moved successfully.
C:\Users\Tracy\AppData\Roaming\IObit\Driver Booster folder moved successfully.
C:\Users\Tracy\AppData\Roaming\IObit folder moved successfully.
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\SearchURL\\"(Default)"|"" /E : value set successfully!

OTM by OldTimer - Version 3.1.21.0 log created on 11022014_201650

Files moved on Reboot...
C:\Users\Tracy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Tracy\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\system32\DriverStore\Temp\{1a62ba58-9748-01a4-f729-f27305e1b107}\SET6289.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{1fb904f7-951a-582f-5c6a-550713498214}\SETAFDD.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{47f5dcf9-809d-5110-f298-7505401c2e14}\SET65A4.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{516b5d0a-f6e7-1d14-c891-ed0841639209}\SETAB7A.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{6a267111-263c-1936-04b6-6c3182755332}\SETA707.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\system32\DriverStore\Temp\{7ed69fa1-b004-52a7-f77f-673af01f391d}\SETB3D3.tmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a preventive check

#10 Post by Márty84 »

Well, you are basically right, it sounds awful, it brings tears to my eyes :cry: :)

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag the utility as a virus - it is a false alarm - so go ahead and download it (or turn off the antivirus while downloading)
:arrow: Download OTC http://oldtimer.geekstogo.com/OTC.exe , save it and run it.
Click CleanUp and then OK - after the cleanup the PC will restart.

:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Watch out mainly for the Recycle Bin; if you leave it ticked, it will empty it every time.
Also, depending on how it is set, it will delete all passwords saved on the net!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix Issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If there are several user accounts on the PC, use the program in them as well)

:arrow: Defragment the disk(s) (not SSD disks!)
Download the program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
During installation again watch out for the toolbar.
After installation, run the program and click Analyze; after the analysis click Defragment and the program will do its work.

:arrow: Then write how the PC is doing. If everything is fine, we are done.
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For time reasons I will be on the forum less often now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Sezy
Visitor
Posts: 89
Registered: 06 Apr 2007 21:05

Re: requesting a preventive check

#11 Post by Sezy »

Likewise, everything has been done. I notice practically no difference at all on the PC, and Opera also behaves the same (i.e. once in a while it crashes or throws an "internal communication error").

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a preventive check

#12 Post by Márty84 »

Since you wrote at the beginning that the PC has no problems, I did not expect any visible changes :-D

You did not mention Opera.

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launch the licence terms are displayed; press any key
  • A backup will be created, followed by a search
  • The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here


:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator (Spustit jako správce)
  • Paste the script below into the window

    autoclean;
    emptyclsid;
    iedefaults;
    FFdefaults;
    CHRdefaults;
    emptyalltemp;
    resethosts;
    
  • Then click Run Script
  • The PC will carry out the repair, restart and give you a log; paste its contents here

Sezy
Visitor
Posts: 89
Registered: 06 Apr 2007 21:05

Re: requesting a preventive check

#13 Post by Sezy »

I did not mention it, I apologise. The thing is that someone told me it is because I often have a lot of tabs open, which is true. And it has also been happening for so long that it never occurred to me that it could be a symptom of anything. (The PC itself is already past its best years.)

I am attaching the JRT log, but I did not manage to get Zoek to finish. First it got stuck after about half an hour, then I left and even after a whole day it had not moved; now I cannot start it at all, regardless of the Comodo settings.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.6 (11.05.2014:1)
OS: Windows 7 Professional x64
Ran by Tracy on p  07.11.2014 at 9:40:43,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Tracy\appdata\local\pc_drivers_headquarters"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  07.11.2014 at 10:10:54,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: requesting a preventive check

#14 Post by Márty84 »

Try running Zoek in safe mode.

Sezy
Visitor
Posts: 89
Registered: 06 Apr 2007 21:05

Re: requesting a preventive check

#15 Post by Sezy »

Zoek.exe v5.0.0.0 Updated 05-November-2014
Tool run by Tracy on p  07.11.2014 at 20:14:20,89.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Tracy\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-11-07-092243.log 1304 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Tracy\AppData\Roaming\Thunderbird\Profiles\j4romag7.default\prefs.js:

Added to C:\Users\Tracy\AppData\Roaming\Thunderbird\Profiles\j4romag7.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Tracy\AppData\Roaming\Thunderbird\Profiles\jxjsmi06.default\prefs.js:

Added to C:\Users\Tracy\AppData\Roaming\Thunderbird\Profiles\jxjsmi06.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\install.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\PROGRA~3\ProductData deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Tracy\AppData\Roaming\Thunderbird\Profiles\j4romag7.default
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://search.daum.net/search?nil_profi ... de=ms&q=%s"
"(Default)"=""

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{48B25920-588A-42A3-ABEC-C611D0A88203}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{3A40E547-20FD-44a2-94D0-1C98342D1507} Daum Url="http://search.daum.net/search?nil_profi ... earchTerms}"
{48B25920-588A-42A3-ABEC-C611D0A88203} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"
{5220A4E6-98ED-44AA-838A-4A956E405A63} Daum Url="http://search.daum.net/cgi-bin/nsp/sear ... earchTerms}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tracy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tracy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=7 folders=4 1000344 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tracy\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Tracy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p  07.11.2014 at 20:26:37,35 ======================

Locked