
CPU load

koltmen
Visitor
Posts: 30
Registered: 28 Jan 2015 20:29

CPU load

#1 Post by koltmen »

Hello,
my CPU is running at 100% and I don't know what to do. Could someone please advise me?

I am attaching a screenshot from Process Explorer, where the explorer service is loading the CPU the most: http://2i.cz/6a691c36e5

Thanks for any advice.

Rudy
Site Admin
Posts: 119356
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: CPU load

#2 Post by Rudy »

Hello!
Post a FRST log:
Download FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 and save it to the desktop. Run it and click >Scan<. When the scan finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

koltmen
Visitor
Posts: 30
Registered: 28 Jan 2015 20:29

Re: CPU load

#3 Post by koltmen »

So I couldn't get FRST to run; it throws a message saying that I don't have the appropriate permissions to access the item.
And my profile on the computer is set up as an administrator.

JaRon
Moderator
Posts: 15649
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU load

#4 Post by JaRon »

I'll step in:
post an RSIT log - if that doesn't work either, try a log from one of the two mentioned tools in the PC's safe mode

koltmen
Visitor
Posts: 30
Registered: 28 Jan 2015 20:29

Re: CPU load

#5 Post by koltmen »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Koltmen at 2015-01-29 10:27:42
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 26 GB (26%) free of 103 GB
Total RAM: 7095 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:27:54, on 29.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\WinRAR\WinRAR.exe
C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
C:\Program Files\trend micro\Koltmen.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: PDF Architect Helper - {691B33B0-B86E-47F3-81C7-56E4FE3B929C} - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Endpoint Security (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Performance Driver Service - Unknown owner - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: pdfforge CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8939 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 28535872
\??\C:\Windows\system32\conhost.exe "-63868045860052150-1998759992-1561180095-9793659082175805841796107686-118428713
C:\Windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
"C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe" -r
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=gpu-process --channel="5032.0.1058452642\1022985444" --enable-proprietary-media-types-playback --crash-reporter-pid=5040 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,39,48 --gpu-vendor-id=0x10de --gpu-device-id=0x0a75 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4052 --enable-proprietary-media-types-playback --crash-reporter-pid=5040 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.2.1037601170\1649955929" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.3.452942229\897603146" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.5.903624480\534519884" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.7.891769901\1618673440" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.8.188869176\1406983538" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.13.952330041\1271492563" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll" --disable-direct-npapi-requests --lang=cs --channel="5032.14.1665237221\738135068" --enable-proprietary-media-types-playback --crash-reporter-pid=5040 /prefetch:-390060480
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=ppapi --channel="5032.15.561148459\1319934947" --ppapi-flash-args --lang=cs --enable-proprietary-media-types-playback --crash-reporter-pid=5040 --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" /o /eo /l /b /id 3724
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=3708.0.14004554 --type=renderer /o /eo /l /b /id 3724
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.16.2105950968\1087644204" /prefetch:673131151
"C:\Program Files (x86)\WinRAR\WinRAR.exe" "D:\Stažené soubory\_MR_prednasky_prikl.ZIP"
"C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE" "D:\Stažené soubory\MRpr09-RegulaceU2013.ppt"
C:\Windows\splwow64.exe 8192
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.28.1905447092\544762016" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.29.332865887\825716586" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" "C:\Users\Koltmen\Desktop\MRpr11DisspecerckeRizeni.pdf"
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe" --channel=5696.0.1373372644 --type=renderer "C:\Users\Koltmen\Desktop\MRpr11DisspecerckeRizeni.pdf"
"C:\Windows\system32\taskmgr.exe" /4

"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.35.698612602\299891937" /prefetch:673131151
"C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe" --type=renderer --alt-high-dpi-setting=96 --disable-direct-npapi-requests --enable-deferred-image-decoding --lang=cs --enable-proprietary-media-types-playback --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_16_0_0_280.dll" --ppapi-flash-version=16.0.0.280 --with-feature:enhanced-autofill --crash-reporter-pid=5040 --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="5032.36.2011733182\1599522207" /prefetch:673131151
"D:\Stažené soubory\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-11-06 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-12 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-12 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10 37928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-11-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Browser Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-11-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - PDF Architect Toolbar - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10 478760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-25 2403104]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-07-25 1283136]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-18 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2009-11-28 508472]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [2009-12-17 4367808]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2009-12-17 6988736]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-08-22 2281248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\331BigDog]
C:\Program Files (x86)\USB Camera\VM331_STI.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Koltmen\AppData\Roaming\Seznam.cz\szninstall.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Koltmen\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncgrkcbSrv]
C:\Windows\inf\mncgrkcb.vbe [2014-01-19 1342]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp]
C:\Windows\system32\msstp.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-10-15 468192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Mirage]
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05 136488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YouCam Tray]
C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2010-12-05 224352]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe [2013-01-19 729744]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-01-29 10:27:42 ----D---- C:\rsit
2015-01-29 10:27:42 ----D---- C:\Program Files\trend micro
2015-01-28 20:14:24 ----D---- C:\ProgramData\SystemExplorer
2015-01-28 20:14:18 ----D---- C:\Program Files (x86)\System Explorer
2015-01-27 06:32:20 ----SHD---- C:\Config.Msi
2015-01-16 17:32:54 ----D---- C:\Program Files (x86)\Rockstar Games
2015-01-16 17:27:28 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-01-16 17:27:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-01-16 17:27:28 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-01-16 17:27:28 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-01-15 21:05:42 ----D---- C:\Program Files (x86)\ESET
2015-01-14 06:05:44 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 06:05:43 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 06:05:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 06:05:42 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 06:05:41 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 06:05:41 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 06:05:41 ----A---- C:\Windows\system32\rstrui.exe
2015-01-14 05:04:16 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 05:04:15 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 05:04:14 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 05:04:13 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 05:04:13 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 05:04:12 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-02 18:45:17 ----D---- C:\Users\Koltmen\AppData\Roaming\Publish Providers
2015-01-02 18:43:49 ----D---- C:\Program Files\Sony
2015-01-02 18:20:25 ----D---- C:\Users\Koltmen\AppData\Roaming\Sony

======List of files/folders modified in the last 1 month======

2015-01-29 10:27:47 ----D---- C:\Windows\temp
2015-01-29 10:27:42 ----RD---- C:\Program Files
2015-01-29 10:05:54 ----D---- C:\ProgramData\Kaspersky Lab
2015-01-29 09:04:11 ----D---- C:\Windows\system32\Tasks
2015-01-29 08:41:33 ----D---- C:\Windows\inf
2015-01-29 08:41:33 ----D---- C:\Windows
2015-01-29 08:25:38 ----D---- C:\Windows\system32\config
2015-01-29 08:03:09 ----SHD---- C:\System Volume Information
2015-01-28 22:50:51 ----D---- C:\Program Files (x86)\Internet Explorer
2015-01-28 22:50:43 ----D---- C:\Windows\system32\NDF
2015-01-28 22:31:57 ----D---- C:\Windows\Tasks
2015-01-28 22:31:57 ----D---- C:\Windows\system32\wfp
2015-01-28 22:31:54 ----D---- C:\Windows\system32\wbem
2015-01-28 22:31:02 ----D---- C:\Windows\SYSWOW64\%Report%
2015-01-28 22:31:02 ----D---- C:\Windows\SysWOW64
2015-01-28 22:31:02 ----D---- C:\Windows\system32\DriverStore
2015-01-28 22:31:02 ----D---- C:\Windows\system32\catroot2
2015-01-28 22:31:02 ----D---- C:\Windows\System32
2015-01-28 22:31:02 ----D---- C:\Windows\Migration
2015-01-28 22:31:02 ----D---- C:\Windows\Microsoft.NET
2015-01-28 22:30:53 ----SHD---- C:\Windows\Installer
2015-01-28 22:30:39 ----D---- C:\Users\Koltmen\AppData\Roaming\GHISLER
2015-01-28 22:30:38 ----RD---- C:\Program Files (x86)
2015-01-28 22:30:38 ----D---- C:\Program Files (x86)\R.G. Catalyst
2015-01-28 22:30:38 ----D---- C:\Program Files (x86)\Quake Live
2015-01-28 22:30:03 ----D---- C:\Windows\registration
2015-01-28 22:30:01 ----D---- C:\Windows\SYSWOW64\config
2015-01-28 22:27:42 ----D---- C:\ProgramData
2015-01-28 22:21:19 ----D---- C:\Windows\SoftwareDistribution
2015-01-28 22:10:17 ----D---- C:\Windows\system32\LogFiles
2015-01-28 21:13:39 ----D---- C:\Windows\debug
2015-01-28 17:19:03 ----D---- C:\Windows\Logs
2015-01-25 16:52:45 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-18 20:42:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-16 19:59:02 ----D---- C:\Users\Koltmen\AppData\Roaming\uTorrent
2015-01-16 17:31:33 ----D---- C:\Windows\winsxs
2015-01-15 20:48:51 ----D---- C:\Windows\Prefetch
2015-01-15 06:09:02 ----D---- C:\ProgramData\ProductData
2015-01-15 06:02:40 ----D---- C:\Windows\system32\drivers
2015-01-15 05:59:49 ----D---- C:\Windows\system32\MRT
2015-01-15 05:35:00 ----A---- C:\Windows\system32\MRT.exe
2015-01-08 09:55:52 ----N---- C:\Windows\system32\MpSigStub.exe
2015-01-03 10:44:20 ----D---- C:\Users\Koltmen\AppData\Roaming\Adobe
2015-01-02 18:43:50 ----D---- C:\ProgramData\Sony
2015-01-02 18:43:49 ----D---- C:\Program Files (x86)\Sony
2015-01-01 23:51:23 ----D---- C:\Program Files (x86)\Opera

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2012-06-19 458584]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-04-17 283200]
R1 KLFLTDEV;Kaspersky Lab KLFltDev; C:\Windows\system32\DRIVERS\klfltdev.sys [2012-09-13 32088]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2014-04-08 644368]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2012-11-23 28504]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2012-11-22 54104]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2012-11-16 178008]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2014-10-11 917112]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2014-10-11 129168]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2009-10-18 28176]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-11-05 2838008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-12-05 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-12-01 709632]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-10-11 142528]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-10-17 21712]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-08-27 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2014-08-27 30424]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 20256]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-09-01 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-12-11 232992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2014-09-01 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2014-09-01 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2014-10-11 157448]
S3 vm331avs;Digital Camera 1; C:\Windows\System32\Drivers\vm331avs.sys [2009-11-09 207232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-08-06 151656]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-08-18 893216]
R2 AVP;Služba Kaspersky Endpoint Security; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security 10 for Windows\avp.exe [2013-01-19 729744]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-08-11 864032]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service; C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2009-12-08 6810728]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 pdfforge CrashHandler;pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [2014-10-10 861736]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-08 1255736]
S4 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-11-14 85096]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-04 116648]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-04 116648]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2014-08-19 2282272]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 18956064]
S4 PDF Architect 2 Creator;PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [2014-10-10 738856]
S4 PDF Architect 2;PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [2014-10-10 1771560]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15649
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU load

#6 Post by JaRon »

First uninstall this mega-nonsense IObit\Advanced SystemCare 7.
When that's done, write back - then we'll start disinfecting :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

koltmen
Visitor
Posts: 30
Joined: 28 Jan 2015 20:29

Re: CPU load

#7 Post by koltmen »

Uninstalled, we can continue. :)

JaRon
Moderator
Posts: 15649
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU load

#8 Post by JaRon »

1. Run regedit and have it search for the word mncgrkcbSrv
DELETE the key it finds - nothing else - close regedit - restart the PC
2. Have MBAM clean the PC - post the log here

koltmen
Visitor
Posts: 30
Joined: 28 Jan 2015 20:29

Re: CPU load

#9 Post by koltmen »

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 29.1.2015
Scan Time: 11:08:19
Logfile: MBAB.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.29.05
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Koltmen

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351472
Time Elapsed: 25 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-3419023451-3183080774-254990463-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, , [85a400fddbaebd797db5384c748f55ab],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 5
Stolen.Data, C:\Users\Koltmen\AppData\Roaming\Imminent\Logs, , [dd4c45b8f5948ea81124f4b26b985aa6],
PUP.Optional.OpenCandy, C:\Users\Koltmen\AppData\Roaming\OpenCandy, , [cc5d00fde8a1b581228a251fd13228d8],
PUP.Optional.OpenCandy, C:\Users\Koltmen\AppData\Roaming\OpenCandy\35E78052B62A40E0B0AB6ECFA9585DE3, , [cc5d00fde8a1b581228a251fd13228d8],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\bitstreams, , [43e602fbe8a178be776b4105b74c56aa],

Files: 17
Misused.Legit.AI, C:\Users\Koltmen\j7g8yb7f712c\AdvancedSystemCare.exe, , [d1580cf1ea9fe254f0dad3ef19e8be42],
Stolen.Data, C:\Users\Koltmen\AppData\Roaming\Imminent\Logs\06-11-2014, , [dd4c45b8f5948ea81124f4b26b985aa6],
PUP.Optional.OpenCandy, C:\Users\Koltmen\AppData\Roaming\OpenCandy\35E78052B62A40E0B0AB6ECFA9585DE3\avg_tuht_stf_cs_2014_206_CZ.exe, , [cc5d00fde8a1b581228a251fd13228d8],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\diablo130302.cl, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\diakgcn121016.cl, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\libcurl-4.dll, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\libeay32.dll, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\libidn-11.dll, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\librtmp.dll, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\libssh2.dll, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\mncgrkcb.exe, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\phatk121016.cl, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\poclbm130302.cl, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\scrypt130511.cl, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\ssleay32.dll, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\zlib1.dll, , [43e602fbe8a178be776b4105b74c56aa],
Trojan.Agent.BCM, C:\Windows\inf\mncgrkcb\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [43e602fbe8a178be776b4105b74c56aa],

Physical Sectors: 0
(No malicious items detected)


(end)

JaRon
Moderator
Posts: 15649
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU load

#10 Post by JaRon »

Have MBAM remove everything it found to quarantine
restart - clean the PC with CCleaner - especially the registry - and done :)

koltmen
Visitor
Posts: 30
Joined: 28 Jan 2015 20:29

Re: CPU load

#11 Post by koltmen »

Thank you very much, sir. :) :idea:

JaRon
Moderator
Posts: 15649
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: CPU load

#12 Post by JaRon »

You're welcome - if anything comes up, we're here :) :thumbsup:

Locked