RTC audio PnP listener
Posted: 17 Nov 2017 03:51
While logging off from the system, I noticed a pop-up window about ending the program RTC audio PnP listener. The internet was slow.
Running programs: Kmp player, Vlc player, Skype, browser (Facebook).
I have experienced a similar situation before, but only once; the program does not start regularly or in response to any particular action.
viewtopic.php?f=70&t=189099
+ a small request. I downloaded the Massive plugin, which served me for a long time and is very important to me.
After some time I was no longer able to load it in Fruity Loops. I tried a reinstall, but some data could not be overwritten because of a cyclic error (the folders could not be accessed). So the reinstall failed the first time. The second time I renamed the parent folder so that a new one could be created during installation instead of being overwritten. The installation succeeded, but the plugin still cannot be loaded and used in FL Studio.
I tried to run the program on its own as Massive.exe; again the application failed to start, and instead the classic Windows message appeared: The application ... has encountered a problem and needs to close...
In my opinion the cause could be some kind of protection, such as a quarantine or something like that. Whatever was in the quarantines I deleted or allowed, depending on what it was. Actually, I just remembered there is one more quarantine I have not released, in the 9-lab program, because I am worried that by deleting it I could lose plugins and with them my long-term work. The program is quite radical.
In short, I need to get Massive running, not make a mess of the plugins, and do something about that RTC audio PnP listener.
Please check the log
+ I am sending the log from 9-lab
9-lab Removal Tool 1.0.0.39 BETA
9-lab.com
Database version: 171.50570
Windows XP Service Pack 3 (Version 5.1, Build 2600, 32-bit Edition)
Internet Explorer 8.0.6001.18702
Adam2 :: BBDRA2-3D0A5E7C
7.7.2017 10:27:56
9lab-log-2017-07-07 (10-27-56).txt
Scan type: Full
Objects scanned: 31928
Time Elapsed: 58 m 30 s
Registry Keys detected: 4
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\WidgetServ.WidgetServer]
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\WidgetServ.Widget]
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\AppID\{49FDB6BD-9913-47D4-B21D-B3C21D450447}]
Adware.RPL.Gen.bot [HKEY_CLASSES_ROOT\AppID\WidgetServ.EXE]
Files detected: 19
[7D307E2225D784B3CB69473B4F816E15] PUP.Gen.vl!c [C:\Documents and Settings\Adam2\Dokumenty\Downloads\DriverToolkitInstaller.exe]
[FF65E300000EAA8C1B5BE988540C1469] PUP.Gen.vl!c [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028830.exe]
[7EA0260488F304D68067A50B33A23AC2] Trojan.Win32.Kryptik.vb [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028831.exe]
[7EA0260488F304D68067A50B33A23AC2] Trojan.Win32.Kryptik.vb [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028832.exe]
[4C4354D7CB83FDAF4EAB2BB1016EDD81] Malware.Win32.Gen.CCC5.vb!ff [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028833.exe]
[3EAE90B1A0BB0A9B96A054BFAD2FCB50] Malware.Win32.Gen.cld [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028838.exe]
[98312E3001D9785C02324E0D0041215B] Malware.Win32.Gen.cs0 [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028839.dll]
[7EA0260488F304D68067A50B33A23AC2] Trojan.Win32.Kryptik.vb [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028840.exe]
[66DCBEE3CD459A5E8C508E450FA6CFC1] Adware.Win32.OpenCandy.dd!i [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028843.exe]
[D7822021031F04A4CA640F20D3F06A2C] Adware.Win32.OpenCandy.dd!i [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028844.exe]
[8A080BA59A1002E983A857836E4DC497] Malware.Win32.Gen.9FAB.cc!ff [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028845.dll]
[3410BF3A90908AF6B6BB9D376D8CC613] PUP.Win32.GameHack.FA5C.vb!ff [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028847.dll]
[37C61CDBD96FF6AA59FFDB2014E1FC65] Malware.Win32.Gen.BA5C.vb!ff [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028848.dll]
[CC7AA7B42CF418FC3D926913490048F8] Malware.Win32.Gen.cs1 [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028849.exe]
[CC7AA7B42CF418FC3D926913490048F8] Malware.Win32.Gen.cs1 [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028850.exe]
[498A4FC8F7AF3AE396C1417742525A16] Malware.Win32.Gen.cs0 [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028835.exe]
[3D4B53EB549585EE077617F61072C6E7] Malware.Win32.Gen.cs3 [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028836.exe]
[02A1651F97C59F4EC29E407A6DB5DE58] Malware.Win32.Gen.cs0 [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP33\A0028837.exe]
[15C25B8F980676345D1B5C10AF09A742] Malware.Win32.Gen.cld [C:\System Volume Information\_restore{CD251913-093A-471D-BD79-C51A04E4C3ED}\RP45\A0036788.exe]
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:53:06, on 17.11.2017
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS2\System32\smss.exe
C:\WINDOWS2\system32\winlogon.exe
C:\WINDOWS2\system32\services.exe
C:\WINDOWS2\system32\lsass.exe
C:\WINDOWS2\system32\svchost.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\spoolsv.exe
C:\WINDOWS2\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Zemana AntiMalware\ZAM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS2\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Comodo\Chromodo\chromodo_updater.exe
C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS2\system32\KaraokeSer.exe
C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\NetLimiter 3\nlsvc.exe
C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS2\system32\svchost.exe
C:\Program Files\Zemana AntiMalware\ZAM.exe
C:\WINDOWS2\system32\wbem\unsecapp.exe
C:\WINDOWS2\system32\wscntfy.exe
C:\WINDOWS2\System32\svchost.exe
C:\WINDOWS2\system32\wuauclt.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\Program Files\Comodo\Chromodo\chromodo.exe
C:\WINDOWS2\system32\svchost.exe
C:\Program Files\9-lab\Removal Tool\rmtool.exe
C:\Documents and Settings\Adam2\Plocha\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.slimwareutilities.com/slimdr ... wnload.php
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [IseUI] C:\Program Files\COMODO\Internet Security Essentials\vkise.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS2\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS2\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS2\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS2\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS2\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS2\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS2\system32\browseui.dll
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) - Comodo - C:\Program Files\Comodo\Chromodo\chromodo_updater.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: VIA Karaoke digital mixer Service (KaraokeService) - VIA Technologies, Inc. - C:\WINDOWS2\system32\KaraokeSer.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NetLimiter 3 Service (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 3\nlsvc.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS2\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe
--
End of file - 7513 bytes