Problem with the mouse and with trojans.

Posted: 25 Feb 2016 17:42
by nulka
The mouse sometimes freezes for a second, but mainly, every little while MBAM finds 6 items of Trojan,Agent.GENX.IPH. Thanks, Nulka

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vlada at 2016-02-25 17:38:11
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 246 GB (81%) free of 305 GB
Total RAM: 4095 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:38:19, on 25.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Vlada.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [piopqhvexa] wscript.exe //B "C:\Users\Vlada\AppData\Roaming\piopqhvexa.vbs"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: CCleaner.lnk = Vlada\AppData\Roaming\idman.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7596 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1a9d7df6-0e97-4537-96a6-e9b25f4e6eae -SystemEventPortName:HostProcess-8ce1af43-b4f4-4fe8-9cb5-41c7707f2bb4 -IoCancelEventPortName:HostProcess-8870c7cb-adf2-49da-a23c-d91acca98512 -NonStateChangingEventPortName:HostProcess-e9c4d26b-b5f7-4058-86c0-e421f2a4e060 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:abefc7d7-8a28-4097-9cb7-13f32f436db6
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 90107820-aa3b-4246-9d7b-f8f411bb560f 1
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Steam\Steam.exe" -silent
\??\C:\Windows\system32\conhost.exe "7540657763012429892124987304-6287643001285720108-1692209160489765769683080407
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
\??\C:\Windows\system32\conhost.exe "-929001793-98049848-372099551244539266401433416-1352183497-488396278-544790801
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Vlada\AppData\Local\Steam\htmlcache" -steampid=2612 -buildid=1454620878 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Vlada\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\dp92fvop.default

prefs.js - "browser.startup.homepage" - "seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.306 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.74.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.74.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll


C:\Users\Vlada\AppData\Roaming\Mozilla\Firefox\Profiles\dp92fvop.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-23 553056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-23 214112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-13 2585744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2016-02-23 16408320]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-02-04 3014224]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]
"piopqhvexa"=wscript.exe //B C:\Users\Vlada\AppData\Roaming\piopqhvexa.vbs []
"TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2015-07-13 248176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe /MONITOR []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seznam Postak]
C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-10-13 1514528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-02-10 50599552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Vlada^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^piopqhvexa.vbs]
C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\piopqhvexa.vbs []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29 596016]

C:\Users\Vlada\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CCleaner.lnk - C:\Users\Vlada\AppData\Roaming\idman.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-25 17:38:11 ----D---- C:\rsit
2016-02-25 17:38:11 ----D---- C:\Program Files\trend micro
2016-02-25 17:21:40 ----D---- C:\Windows\pss
2016-02-23 09:40:56 ----A---- C:\Windows\SYSWOW64\SRCOM.dll
2016-02-23 09:40:56 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2016-02-23 09:40:56 ----A---- C:\Windows\SYSWOW64\SECOMN32.DLL
2016-02-23 09:40:56 ----A---- C:\Windows\system32\YamahaAE2.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\YamahaAE.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\WavesGUILib64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\tossaemaxapo64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\tossaeapo64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\toseaeapo64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\tosasfapo64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\tosade.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\tepeqapo64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\tadefxapo264.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\tadefxapo.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SRSWOW64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SRSTSX64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SRSTSH64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SRSHP64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SRRPTR64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SRCOM64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SRCOM.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SRAPO64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\sltech64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\slprp64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\slcnt64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\sl3apo64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SFSS_APO.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SFNHK64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SFCOM64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SFAPO64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SEHDRA64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SECOMN64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\SEAPO64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\RtPgEx64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2016-02-23 09:40:56 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2016-02-23 09:40:56 ----A---- C:\Windows\system32\drivers\rtkSSTsetting.dat
2016-02-23 09:40:55 ----A---- C:\Windows\SYSWOW64\RltkAPO.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RtkCfg64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RtkApi64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RTEEP64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RTEEL64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RTEEG64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RTEED64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RtDataProc64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RTCOM64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RP3DHT64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RP3DAA64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RltkAPO64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RCoRes64.dat
2016-02-23 09:40:55 ----A---- C:\Windows\system32\RCoInstII64.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\R4EEP64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\R4EEL64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\R4EEG64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\R4EED64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\R4EEA64A.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\NAHIMICV2apo.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\NahimicAPONSControl.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\MISS_APO.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-02-23 09:40:55 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioAPO7064.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioAPO6064.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\KAAPORT64.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\IntelSstCApoPropPage.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\IntelSSTAPO.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2016-02-23 09:40:54 ----A---- C:\Windows\system32\HiFiDAX2API.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\FMAPO64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DolbyDAX2APOv211.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DolbyDAX2APOv201.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DolbyDAX2APOProp.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DDPP64AF3.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DDPP64A.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DDPO64AF3.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DDPO64A.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DDPD64AF3.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DDPD64A.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DDPA64F3.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\DDPA64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\CX64APO.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\audioLibVc.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\AERTAR64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\AERTAC64.dll
2016-02-23 09:40:53 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2016-02-23 09:40:36 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2016-02-23 09:40:36 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2016-02-23 09:40:27 ----A---- C:\Windows\system32\nvuninst.exe
2016-02-23 09:40:19 ----A---- C:\Windows\system32\nvusmb.exe
2016-02-23 09:40:19 ----A---- C:\Windows\system32\NVCOSMB.DLL
2016-02-22 12:06:40 ----D---- C:\ProgramData\TomTom
2016-02-22 12:03:43 ----D---- C:\Users\Vlada\AppData\Roaming\TomTom
2016-02-22 12:03:27 ----D---- C:\Program Files (x86)\TomTom HOME 2
2016-02-22 12:02:56 ----D---- C:\Program Files (x86)\TomTom International B.V
2016-02-21 18:14:42 ----D---- C:\ProgramData\Package Cache
2016-02-18 16:41:23 ----A---- C:\Users\Vlada\AppData\Roaming\piopqhvexa.vbs
2016-02-16 16:06:26 ----A---- C:\Users\Vlada\AppData\Roaming\WordPad.exe.tmp
2016-02-16 09:42:07 ----D---- C:\Windows\system32\DAX2
2016-02-16 09:42:02 ----D---- C:\Windows\SYSWOW64\RTCOM
2016-02-16 09:42:02 ----D---- C:\Program Files\Realtek
2016-02-16 09:41:21 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2016-02-16 09:35:41 ----A---- C:\Windows\system32\cohelper.dll
2016-02-16 09:35:39 ----A---- C:\Windows\system32\nvconrm.dll
2016-02-16 09:35:39 ----A---- C:\Windows\system32\fdco2.dll
2016-02-16 09:35:39 ----A---- C:\Windows\system32\drivers\nvmf6264.sys
2016-02-16 09:30:13 ----A---- C:\Windows\system32\drivers\AmUStor.sys
2016-02-16 09:30:13 ----A---- C:\Windows\system32\AmUStor.ini
2016-02-16 09:30:13 ----A---- C:\Windows\system32\AmUStor.dll
2016-02-16 09:27:21 ----A---- C:\Windows\system32\drivers\jraid.sys
2016-02-16 09:18:44 ----D---- C:\ProgramData\ProductData
2016-02-16 09:17:49 ----D---- C:\ProgramData\IObit
2016-02-16 09:17:49 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-02-16 09:17:48 ----D---- C:\Users\Vlada\AppData\Roaming\IObit
2016-02-16 09:17:23 ----D---- C:\Program Files (x86)\Iobit
2016-02-16 09:06:09 ----RD---- C:\Program Files (x86)\Skype
2016-02-15 18:16:03 ----D---- C:\Users\Vlada\AppData\Roaming\Seznam.cz
2016-02-15 18:11:06 ----D---- C:\Program Files\CCleaner
2016-02-13 11:09:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-02-10 13:07:26 ----D---- C:\Program Files (x86)\SaveSnap
2016-02-09 18:42:12 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-02-09 18:41:36 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-02-09 18:41:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-02-09 18:41:36 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-02-09 18:41:35 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-07 16:40:18 ----A---- C:\Windows\SYSWOW64\driver_booster_setup.exe
2016-02-04 18:08:12 ----D---- C:\$WINDOWS.~BT
2016-02-04 18:08:10 ----HD---- C:\$Windows.~WS
2016-02-04 17:52:51 ----D---- C:\ProgramData\Canneverbe Limited
2016-02-04 17:52:46 ----D---- C:\Users\Vlada\AppData\Roaming\Canneverbe Limited
2016-02-04 17:52:45 ----D---- C:\Program Files (x86)\CDBurnerXP

======List of files/folders modified in the last 1 month======

2016-02-25 17:38:19 ----D---- C:\Windows\Prefetch
2016-02-25 17:38:12 ----D---- C:\Windows\Temp
2016-02-25 17:38:11 ----RD---- C:\Program Files
2016-02-25 17:25:35 ----D---- C:\Windows\system32\config
2016-02-25 17:22:54 ----D---- C:\Users\Vlada\AppData\Roaming\Skype
2016-02-25 17:22:43 ----D---- C:\Program Files (x86)\Steam
2016-02-25 17:21:40 ----D---- C:\Windows
2016-02-25 17:09:27 ----D---- C:\Windows\system32\drivers
2016-02-25 17:08:36 ----D---- C:\Windows\Speech
2016-02-24 17:27:19 ----D---- C:\Windows\System32
2016-02-24 17:27:19 ----D---- C:\Windows\inf
2016-02-24 17:27:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-02-23 09:46:15 ----D---- C:\ProgramData\NVIDIA
2016-02-23 09:44:10 ----SHD---- C:\Windows\Installer
2016-02-23 09:44:10 ----D---- C:\Program Files (x86)\Common Files
2016-02-23 09:43:26 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-23 09:43:11 ----D---- C:\Program Files\Java
2016-02-23 09:42:35 ----D---- C:\Windows\system32\catroot
2016-02-23 09:42:07 ----D---- C:\Windows\SysWOW64
2016-02-23 09:41:30 ----D---- C:\Windows\system32\DriverStore
2016-02-23 09:40:36 ----A---- C:\Windows\system32\nvaudcap64v.dll
2016-02-23 09:39:41 ----SHD---- C:\System Volume Information
2016-02-22 19:52:31 ----D---- C:\Windows\registration
2016-02-22 12:30:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-02-22 12:06:40 ----HD---- C:\ProgramData
2016-02-22 12:05:22 ----D---- C:\Windows\system32\catroot2
2016-02-22 12:03:27 ----RD---- C:\Program Files (x86)
2016-02-22 12:02:56 ----D---- C:\Windows\winsxs
2016-02-21 18:16:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-02-16 09:35:48 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2016-02-16 09:35:41 ----D---- C:\Program Files\NVIDIA Corporation
2016-02-16 09:18:47 ----D---- C:\Windows\system32\Tasks
2016-02-16 09:18:44 ----D---- C:\Windows\Tasks
2016-02-16 09:17:49 ----D---- C:\Windows\SYSWOW64\drivers
2016-02-16 09:06:17 ----D---- C:\ProgramData\Skype
2016-02-15 19:47:02 ----SD---- C:\Users\Vlada\AppData\Roaming\Microsoft
2016-02-15 19:36:34 ----D---- C:\Windows\system32\wfp
2016-02-15 19:36:33 ----D---- C:\Windows\system32\wbem
2016-02-14 15:47:46 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-08 14:37:35 ----D---- C:\ProgramData\Oracle
2016-02-04 20:21:24 ----SD---- C:\ProgramData\Microsoft
2016-02-04 20:21:24 ----D---- C:\Windows\Panther
2016-02-04 19:23:43 ----D---- C:\Windows\rescache
2016-02-04 18:08:09 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2016-02-16 123704]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-02-16 27552]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2016-02-16 92312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-02-23 4705536]
R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2016-02-16 349416]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-13 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-02-23 46768]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-13 1148560]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-13 1706128]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-10-13 21833360]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-10-13 933168]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2015-07-13 93040]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-02-04 835152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-18 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-22 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-12-28 245544]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-18 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-12-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-02-13 146888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Problem with the mouse and with trojans.

Posted: 25 Feb 2016 18:29
by Rudy
Hello!
How does your operating system stand in terms of legality?

Re: Problem with the mouse and with trojans.

Posted: 25 Feb 2016 18:48
by nulka
Only my grandson knows that; I'll ask him when he comes to visit and plays games on the PC. Is it illegal? Nulka

Re: Problem with the mouse and with trojans.

Posted: 25 Feb 2016 19:48
by Rudy
I strongly suspect that it is not legal.

Re: Problem with the mouse and with trojans.

Posted: 26 Feb 2016 15:02
by nulka
Well, apparently it is from school.

Re: Problem with the mouse and with trojans.

Posted: 26 Feb 2016 15:26
by Rudy
OK. Run these scans:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "Scan All Users", "LOP Check" and "Purity Check", and copy the following into the bottom white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Run Scan<. Post both logs.

Re: Problem with the mouse and with trojans.

Posted: 26 Feb 2016 17:04
by nulka
It is 3,500 characters too long and cannot be sent.

Re: Problem with the mouse and with trojans.

Posted: 26 Feb 2016 17:06
by nulka
OTL Extras logfile created on: 26.2.2016 16:20:23 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vlada\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 42,92% Memory free
8,00 Gb Paging File | 5,70 Gb Available in Paging File | 71,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,08 Gb Total Space | 240,48 Gb Free Space | 80,68% Space Free | Partition Type: NTFS

Computer Name: VLADA-PC | User Name: Vlada | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1155511446-2986953438-3172019654-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097EC437-9D42-4ABC-A8D3-596B1C903766}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{09A20061-845C-49E3-A8FE-BE3834DC109D}" = rport=445 | protocol=6 | dir=out | app=system |
"{0E90F40D-3794-46B9-9198-F9D08D7E6D27}" = rport=139 | protocol=6 | dir=out | app=system |
"{222093D7-A9E4-479B-ABB2-384F3E20B65E}" = lport=137 | protocol=17 | dir=in | app=system |
"{3980E658-0E21-4324-A023-17913E620E1D}" = rport=137 | protocol=17 | dir=out | app=system |
"{399A6367-70FF-4968-BDCF-E262BF7ABDE7}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4F57B515-A421-4EEE-B879-309B31B85241}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5668EB28-820C-4625-A9BD-ECB448FD4083}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5C0478DB-2AB1-4D71-832D-77A542DEB1CD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69827F06-2EAD-464F-B0CE-59F5DB9C0DA5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6AD1AD51-B154-4F1A-BD7E-413BC1A829F2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82C5DCD1-9DFF-48A4-A4BE-E41A539AEAB4}" = lport=445 | protocol=6 | dir=in | app=system |
"{98CBBA73-DC81-463C-A364-13AFE836F6B4}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{9A1D6AB7-7B7F-4CF0-AED8-75076CC852D7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9C67DC9B-E38B-42AE-AE87-51CDBCBCC5B0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A570BC74-96D7-4105-B866-331694281928}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A93199C5-B8A8-4385-B32F-7C8874E59EF2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AA7EB270-207F-4AD6-96BC-3291C1F40FFD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D241261C-70E8-43B3-8BF7-78BB0B7D74E4}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{D4F4F8AD-3DB8-44D8-9B16-09513C8C4BA9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{D5972810-186E-47DB-945F-098102F28089}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{D80305A8-07E9-40D6-A34D-AA5CE3B5829C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E09C941B-37EE-4C5A-8776-E07D5DC1BA66}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA14EF30-338F-49B5-B33C-DF44A10003BF}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{EEA1018E-D3FD-4EEC-82C5-C7CFD9F004C1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EEABC903-F2CB-44B0-927C-B9E2F2BF473A}" = lport=138 | protocol=17 | dir=in | app=system |
"{F476413D-7A86-49F5-89D6-C70653B0DF4D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FDCC889A-9019-4910-9BC3-9A94C5F7403B}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{078F8D57-4405-4807-8A52-37885F31C71E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0912BED2-5AF8-4F28-94A3-28B87CB1A467}" = dir=in | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{092682E3-F6E4-4677-9722-B88F6EB56155}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{0F92DE04-ED19-438B-A4D0-A63D76F9C9EA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{16FEB26B-DED7-4B4A-8414-14EE48B349CB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18CDBEEB-572F-443B-BBBD-FFD78845D3BA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{21A65FF8-A083-4762-A4CC-859870BE5318}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{21B26C99-950A-4A55-B7EB-783870E4069B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2527D7B2-B3C4-4582-870A-729D41F6A368}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{26740E32-46AF-4713-89E5-7A76783BE733}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{26E1245B-8471-43E7-BAEC-B056981D84D2}" = dir=out | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{27B9DDDB-CBCF-4B64-B829-ABA6A298255E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\clicker heroes\clicker heroes.exe |
"{28075994-8CB8-46DD-B6E9-DC6F91D95960}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{2DF4F32A-E431-4D16-9D66-14EA874F3FB3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{37BA142A-4F24-4338-9940-96ADB658F2FF}" = protocol=6 | dir=out | app=system |
"{623A18C6-EA94-4579-96D6-5DD34AF0D549}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6DA3EEE9-4402-4CCF-83A2-CD955DDA20A6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{6E0F53AA-D2B9-4FB3-994F-C7AF2C963411}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\clicker heroes\clicker heroes.exe |
"{7B7D0CC0-F558-4E95-BAA5-E8E4AC23FB86}" = dir=out | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{7E2F8DF1-6309-41A7-B7D1-CC5C8990EFE2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A1C0AF0-1C17-4340-BEF9-3F3DDF1B759F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe |
"{9198DAA9-329A-40FB-9922-12360C574D4E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{949F1EE6-6FDF-4EBE-A415-DE04443AB48B}" = dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{999D3B1A-7B67-4902-A3B1-5D24600E794A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9C8EDF29-7E74-43B1-B540-BACED3388552}" = dir=out | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{9D6DA188-FD14-471E-BB9A-EEA847E5272B}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{A8FDA29D-46D5-4088-BDC9-583EAC836220}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B2DDCDE1-1F5C-4A5F-B806-84852AE4F56F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{BCB59CEF-79FD-48E5-86EF-6CBBC14FBC79}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BD9E3656-BC83-45A7-A35C-EA92B285F17A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C7DBD89C-6C62-45D5-BEC9-BF0EFF03B545}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{CAC99501-CF98-49DF-9BD3-AB3CFC4BC7A2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{D62C4A79-1987-4ACD-95EF-1C94E97ECAAC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\robocraft\robocraft.exe |
"{DBDA8C65-B00B-484B-AE2E-0AE96C801A6C}" = dir=in | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{E1E0AED1-94DB-4CD9-A439-D4875BDFFCEB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E2F36780-EA89-4573-8C90-77BFF1D80A1F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E52FE8B1-FF72-40E3-936A-E9D02055AF60}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E7E93AA7-03D9-4481-A462-6D229069541B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EF1CD278-2DFD-4078-A49B-80D4B1B2B833}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{F0DBBCF9-78B7-403D-A0BF-B61F2569C3CC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F0EEE564-FD24-4AF9-8793-287D38CAF7AA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F991FD90-A87B-479A-BA23-26BABA3EC2B5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{4B8D5E60-767F-479F-B480-54D3286C4953}C:\program files\java\jre1.8.0_66\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.8.0_66\bin\javaw.exe |
"UDP Query User{D086A147-D3C4-4C2F-B387-F2D7B6D0094E}C:\program files\java\jre1.8.0_66\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.8.0_66\bin\javaw.exe |

Re: Problem with the mouse and with trojans.

Posted: 26 Feb 2016 17:08
by nulka
========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86418073F0}" = Java 8 Update 73 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86418074F0}" = Java 8 Update 74 (64-bit)
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 341.92
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 341.92
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 341.92
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.2.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 340.50
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 17.12.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 17.12.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 5.21 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}" = TomTom HOME
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.18
"Adobe Flash Player ActiveX" = Adobe Flash Player 20 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
"Driver Booster_is1" = Driver Booster 3.2
"Google Chrome" = Google Chrome
"Iobit Driver Booster Pro 3.2.0.698 Final Full Key + Serial 3.2.0.698" = Iobit Driver Booster Pro 3.2.0.698 Final Full Key + Serial 3.2.0.698
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.0.1024
"Mozilla Firefox 44.0.2 (x86 cs)" = Mozilla Firefox 44.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.95
"Steam" = Steam
"Steam App 224540" = Ace of Spades
"Steam App 301520" = Robocraft
"Steam App 363970" = Clicker Heroes
"Steam App 550" = Left 4 Dead 2

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5.1.2016 12:14:55 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 9000
Description =

Error - 5.1.2016 12:14:55 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 7040
Description =

Error - 5.1.2016 12:14:55 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 7042
Description =

Error - 5.1.2016 12:14:55 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 5.1.2016 12:14:55 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 5.1.2016 12:14:57 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 5.1.2016 12:14:57 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 5.1.2016 12:14:57 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 5.1.2016 12:14:57 | Computer Name = Vlada-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 22.2.2016 7:13:09 | Computer Name = Vlada-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: TomTomHOMERuntime.exe, verze: 1.9.1.3443,
časové razítko: 0x4a290731 Název chybujícího modulu: MSVCR80.dll, verze: 8.0.50727.4940,
časové razítko: 0x4ca2b271 Kód výjimky: 0xc0000005 Posun chyby: 0x0000f880 ID chybujícího
procesu: 0x1214 Čas spuštění chybující aplikace: 0x01d16d61015b71d4 Cesta k chybující
aplikaci: C:\Program Files (x86)\TomTom HOME 2\xulrunner\TomTomHOMERuntime.exe Cesta
k chybujícímu modulu: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\MSVCR80.dll
ID
zprávy: 40bf07f9-d955-11e5-ba2b-001d92db347c

[ System Events ]
Error - 21.2.2016 9:28:14 | Computer Name = Vlada-PC | Source = DCOM | ID = 10010
Description =

Error - 22.2.2016 6:54:24 | Computer Name = Vlada-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.

Error - 22.2.2016 6:54:24 | Computer Name = Vlada-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.

Error - 22.2.2016 6:54:25 | Computer Name = Vlada-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk5\DR5.

Error - 22.2.2016 7:03:28 | Computer Name = Vlada-PC | Source = Service Control Manager | ID = 7030
Description = Služba TomTomHOMEService je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 22.2.2016 7:05:35 | Computer Name = Vlada-PC | Source = Service Control Manager | ID = 7034
Description = Služba TomTomHOMEService byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 22.2.2016 7:05:47 | Computer Name = Vlada-PC | Source = Service Control Manager | ID = 7030
Description = Služba TomTomHOMEService je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 22.2.2016 8:15:12 | Computer Name = Vlada-PC | Source = volsnap | ID = 393230
Description = Stínové kopie svazku C: byly přerušeny kvůli selhání V/V operace.
ve svazku C:.

Error - 25.2.2016 8:53:44 | Computer Name = Vlada-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 25.2.2016 12:08:51 | Computer Name = Vlada-PC | Source = DCOM | ID = 10010
Description =


< End of report >

Re: Problem with the mouse and with trojans.

Posted: 26 Feb 2016 17:32
by Rudy
nulka wrote: It is 3,500 characters too long and cannot be sent.
Split it into several posts.