Malware got onto my PC - Adaware Secure Search
Posted: 22 Dec 2019 14:51
Hello, here is the log output from HiJackThis. Thank you in advance for your help.
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.7
Platform: x64 Windows 7 (Ultimate), 6.1.7601.0, Service Pack: 1
Time: 22.12.2019 - 14:32 (UTC+01:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Elevated: Yes
Ran by: DarkWerewolf (group: Administrator) on DARKWEREWOLF-PC, FirstRun: yes
Firefox: 71.0.0.7275
Internet Explorer: 8.0.7601.17514
Default: "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" (Firefox)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
1 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
1 C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
1 C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
1 C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
1 C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
10 C:\Program Files\Mozilla Firefox\firefox.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
1 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
3 C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe
1 C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
1 C:\Users\DarkWerewolf\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
11 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\explorer.exe
1 D:\Programs\Avast\AvastSvc.exe
2 D:\Programs\Avast\AvastUI.exe
1 D:\Programs\Avast\aswidsagent.exe
1 D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cavwp.exe
2 D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cis.exe
1 D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cmdagent.exe
1 D:\Programs\DAEMON Tools Lite\DTLite.exe
1 D:\Programs\Total commander\totalcmd\TOTALCMD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = http://securedsearch.lavasoft.com/?pr=v ... 38__191220
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: [SuggestionsURL] = http://ie.search.yahoo.com/os?appid=chrie&command= - Yahoo! Search
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: [URL] = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo - Yahoo! Search
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}: [SuggestionsURL,TopResultURL] = https://defaultsearch.co?q={searchTerms} - DefaultSearchYahoo
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}: [URL] = https://securesearch.org?q={searchTerms} - DefaultSearchYahoo
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B8FBD0E2-5D53-4FF0-B8FA-376A55F7617D}: [SuggestionsURL_JSON] = http://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms} - Seznam
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B8FBD0E2-5D53-4FF0-B8FA-376A55F7617D}: [URL] = http://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454 - Seznam
O2 - HKLM\..\BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - HKLM\..\BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2-32 - HKLM\..\BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2-32 - HKLM\..\BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O3 - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - (no file)
O3 - HKLM\..\Toolbar: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O4 - HKCU\..\Run: [Bloody2] = C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe Minimum
O4 - HKCU\..\Run: [DAEMON Tools Lite] = D:\Programs\DAEMON Tools Lite\DTLite.exe -autorun
O4 - HKCU\..\Run: [Wargaming.net Game Center] = C:\ProgramData\Wargaming.net\GameCenter\wgc.exe --background ''
O4 - HKCU\..\Run: [Web Companion] = C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize (file missing)
O4 - HKLM\..\Run: [AvastUI.exe] = D:\Programs\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [COMODO Internet Security] = D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cis.exe --cistrayUI
O4 - HKLM\..\Run: [RtHDVCpl] = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\Run: [ShadowPlay] = C:\Windows\system32\nvspcap64.dll C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
O4 - HKU\.DEFAULT\..\RunOnce: [SPReview] = C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
O4 - MSConfig\startupreg: DAEMON Tools Lite [command] = D:\Programs\DAEMON Tools Lite\DTLite.exe -autorun (HKCU) (2014/06/14)
O4 - MSConfig\startupreg: LogMeIn Hamachi Ui [command] = D:\Programs\Hamachi\hamachi-2-ui.exe --auto-start (HKLM) (2014/06/14) (file missing)
O4 - MSConfig\startupreg: PC Suite Tray [command] = D:\Programs\PC Suite\Nokia PC Suite 7\PCSuite.exe -onlytray (HKCU) (2013/07/26) (file missing)
O4 - MSConfig\startupreg: StartCCC [command] = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun (HKLM) (2013/07/26)
O4 - MSConfig\startupreg: VICTORY Gaming Keyboard [command] = C:\Program Files (x86)\Gaming Keyboard\Monitor.exe (HKLM) (2017/12/17) (file missing)
O4 - MSConfig\startupreg: WinFast Schedule [command] = D:\Programs\Win fast\WFDTV\WFWIZ.exe (HKCU) (2013/07/26) (file missing)
O4-32 - HKLM\..\Run: [AMD AVT] = C:\Windows\system32\Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4-32 - HKLM\..\Run: [Adobe ARM] = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4-32 - HKLM\..\Run: [Adobe Reader Speed Launcher] = D:\Programs\Adobe\Reader\Reader_sl.exe
O4-32 - HKLM\..\Run: [DLLSuite2016] = C:\Program Files (x86)\DLL Suite\DLLSuite.exe (file missing)
O4-32 - HKLM\..\Run: [GrooveMonitor] = D:\Programs\MS Office Enterprise 2007\Office12\GrooveMonitor.exe
O4-32 - HKLM\..\Run: [IseUI] = C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4-32 - HKLM\..\Run: [StartCCC] = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun
O7 - TroubleShooting: (Disk) Free disk space on C: is too low = 456 MB.
O9-32 - Button: HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49}: Odeslat do aplikace OneNote - D:\Programs\MS Office Enterprise 2007\Office12\ONBttnIE.dll
O9-32 - Button: HKLM\..\{92780B25-18CC-41C8-B9BE-3C9C571A8263}: Research - D:\Programs\MS Office Enterprise 2007\Office12\REFIEBAR.DLL
O9-32 - Tools menu item: HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49}: Od&eslat do aplikace OneNote - D:\Programs\MS Office Enterprise 2007\Office12\ONBttnIE.dll
O15 - Trusted Zone: *.localhost
O15 - Trusted Zone: http://webcompanion.com
O16 - DPF: HKLM\..\{8AD9C840-044E-11D1-B3E9-00805F499D93}\DownloadInformation: Java Plug-in 10.67.2 [CODEBASE] = http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.7.0_67 [CODEBASE] = http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
O16 - DPF: HKLM\..\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\DownloadInformation: Java Plug-in 1.7.0_67 [CODEBASE] = http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
O16-32 - DPF: HKLM\..\{D27CDB6E-AE6D-11CF-96B8-444553540000}\DownloadInformation: Shockwave Flash Object [CODEBASE] = http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - DHCP DNS 10: 156.154.70.1 (Well-known DNS: Neustar DNS Advantage / UltraDNS)
O17 - DHCP DNS 11: 156.154.71.1 (Well-known DNS: Neustar DNS Advantage / UltraDNS)
O17 - DHCP DNS 1: 192.168.0.1
O17 - DHCP DNS 2: 8.8.8.8 (Well-known DNS: Google)
O17 - DHCP DNS 3: 8.8.4.4 (Well-known DNS: Google)
O17 - DHCP DNS 4: 4.2.2.1 (Well-known DNS: Verizon / Level 3 Communications)
O17 - DHCP DNS 5: 4.2.2.2 (Well-known DNS: Verizon / Level 3 Communications)
O17 - DHCP DNS 6: 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O17 - DHCP DNS 7: 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - DHCP DNS 8: 8.26.56.26 (Well-known DNS: Comodo Secure DNS)
O17 - DHCP DNS 9: 8.20.247.20 (Well-known DNS: Comodo Secure DNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 156.154.70.1 (Well-known DNS: Neustar DNS Advantage / UltraDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 156.154.71.1 (Well-known DNS: Neustar DNS Advantage / UltraDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 4.2.2.1 (Well-known DNS: Verizon / Level 3 Communications)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 4.2.2.2 (Well-known DNS: Verizon / Level 3 Communications)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 8.20.247.20 (Well-known DNS: Comodo Secure DNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 8.26.56.26 (Well-known DNS: Comodo Secure DNS)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 156.154.70.1 (Well-known DNS: Neustar DNS Advantage / UltraDNS)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 156.154.71.1 (Well-known DNS: Neustar DNS Advantage / UltraDNS)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 208.67.220.220 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 208.67.222.222 (Well-known DNS: Cisco OpenDNS)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 4.2.2.1 (Well-known DNS: Verizon / Level 3 Communications)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 4.2.2.2 (Well-known DNS: Verizon / Level 3 Communications)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 8.20.247.20 (Well-known DNS: Comodo Secure DNS)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 8.26.56.26 (Well-known DNS: Comodo Secure DNS)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 8.8.4.4 (Well-known DNS: Google)
O17 - HKLM\System\ControlSet002\Services\Tcpip\..\{D8077A3B-51E5-4DB0-B9A9-2966F554DCBE}: [NameServer] = 8.8.8.8 (Well-known DNS: Google)
O18 - HKLM\Software\Classes\Protocols\Handler\grooveLocalGWS: [CLSID] = {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveSystemServices.dll
O20 - HKLM\..\Windows: [AppInit_DLLs] = C:\Windows\SysWOW64\guard32.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - D:\Programs\Avast\ashShell.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\00avast: avast - {472083B0-C522-11CF-8763-00608CC02F24} - D:\Programs\Avast\ashShell.dll
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O22 - Task: (disabled) (telemetry) NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
O22 - Task: (disabled) Adobe Flash Player NPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe -check plugin
O22 - Task: (disabled) Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) DllKitPRO - C:\Program Files (x86)\DllKitPRO\dllkitpro.exe start (file missing)
O22 - Task: (disabled) NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
O22 - Task: (disabled) NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: (disabled) NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: (disabled) NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
O22 - Task: (disabled) NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
O22 - Task: (disabled) \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
O22 - Task: (telemetry) \COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cis.exe --telemetry
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate
O22 - Task: Avast Emergency Update - D:\Programs\Avast\AvEmUpdate.exe
O22 - Task: \AVAST Software\Overseer - C:\Program Files\Common Files\avast software\overseer\overseer.exe /from_scheduler:1
O22 - Task: \COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cis.exe --cistrayUI
O22 - Task: \COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627}
O22 - Task: \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
O22 - Task: \Microsoft\Windows\Media Center\StartRecording - C:\Windows\ehome\ehrec /StartRecording (file missing)
O22 - Task: \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\Windows\ehome\mcupdate -crl -hms -pscn 15 (file missing)
O22 - Task: {9A5EA259-B940-4C07-9D1E-7C9F13F839F6} - C:\Windows\system32\pcalua.exe -a D:\Programs\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz\TeamSpeak3-cestina-0.1.-beta2.exe -d d:\Programs\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz -c -el -s2 "-dC:\Program Files\TeamSpeak 3 Client\" "-p" "-sp"
O22 - Task: {BDA8F513-5372-4792-96F8-1F6C5E4A4AE1} - C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe -c /M{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}
O23 - Service R2: AMD External Events Utility - C:\Windows\system32\atiesrxx.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - D:\Programs\Avast\AvastSvc.exe
O23 - Service R2: COMODO Internet Security Helper Service - (cmdAgent) - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA Wireless Controller Service - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service R2: Ulead Burning Helper - (UleadBurningHelper) - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service R2: isesrv - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe -service
O23 - Service R3: aswbIDSAgent - D:\Programs\Avast\aswidsagent.exe
O23 - Service S2: GS-Supporter - (e81a9dc1) - C:\Windows\SysWow64\rundll32.exe "c:\progra~2\gs-ena~1\AssistantSvc.dll",service
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: COMODO Virtual Service Manager - (cmdvirth) - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: Microsoft Office Groove Audit Service - D:\Programs\MS Office Enterprise 2007\Office12\GrooveAuditService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
O23 - Service S3: ServiceLayer - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
--
End of file - Time spent: 10,1 sec. - 42976 bytes, CRC32: FFFFFFFF. Sign: 瓞姞
O21-32 - HKLM\..\ShellExecuteHooks: [{B5A7F190-DDA6-4420-B3BA-52453494E6CD}] - Groove GFS Stub Execution Hook - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll (disabled)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub): Groove Explorer Icon Overlay 1 (GFS Unread Stub) - {99FD978C-D287-4F50-827F-B2C658EDA8E7} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub): Groove Explorer Icon Overlay 2 (GFS Stub) - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder): Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) - {920E6DB1-9907-4370-B3A0-BAFC03D81399} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder): Groove Explorer Icon Overlay 3 (GFS Folder) - {16F3DD56-1AF5-4347-846D-7C10C4192619} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark): Groove Explorer Icon Overlay 4 (GFS Unread Mark) - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} - D:\Programs\MS Office Enterprise 2007\Office12\GrooveShellExtensions.dll
O22 - Task: (disabled) (telemetry) NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
O22 - Task: (disabled) Adobe Flash Player NPAPI Notifier - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_Plugin.exe -check plugin
O22 - Task: (disabled) Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task: (disabled) DllKitPRO - C:\Program Files (x86)\DllKitPRO\dllkitpro.exe start (file missing)
O22 - Task: (disabled) NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
O22 - Task: (disabled) NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: (disabled) NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
O22 - Task: (disabled) NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
O22 - Task: (disabled) NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
O22 - Task: (disabled) \COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59}
O22 - Task: (telemetry) \COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cis.exe --telemetry
O22 - Task: (telemetry) \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\rundll32.exe aepdu.dll,AePduRunUpdate
O22 - Task: Avast Emergency Update - D:\Programs\Avast\AvEmUpdate.exe
O22 - Task: \AVAST Software\Overseer - C:\Program Files\Common Files\avast software\overseer\overseer.exe /from_scheduler:1
O22 - Task: \COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cis.exe --cistrayUI
O22 - Task: \COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {06A09C0F-DD9C-4191-A670-71115CD78627}
O22 - Task: \COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cfpconfg.exe --launchSchedule {A6D52E4F-569B-4756-B3D8-DF217313DA85}
O22 - Task: \Microsoft\Windows\Media Center\StartRecording - C:\Windows\ehome\ehrec /StartRecording (file missing)
O22 - Task: \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\Windows\ehome\mcupdate -crl -hms -pscn 15 (file missing)
O22 - Task: {9A5EA259-B940-4C07-9D1E-7C9F13F839F6} - C:\Windows\system32\pcalua.exe -a D:\Programs\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz\TeamSpeak3-cestina-0.1.-beta2.exe -d d:\Programs\TeamSpeak3-cestina-0.2.-beta2_by_hernihosting.cz -c -el -s2 "-dC:\Program Files\TeamSpeak 3 Client\" "-p" "-sp"
O22 - Task: {BDA8F513-5372-4792-96F8-1F6C5E4A4AE1} - C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe -c /M{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}
O23 - Service R2: AMD External Events Utility - C:\Windows\system32\atiesrxx.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - D:\Programs\Avast\AvastSvc.exe
O23 - Service R2: COMODO Internet Security Helper Service - (cmdAgent) - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
O23 - Service R2: NVIDIA Wireless Controller Service - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
O23 - Service R2: Ulead Burning Helper - (UleadBurningHelper) - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service R2: isesrv - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe -service
O23 - Service R3: aswbIDSAgent - D:\Programs\Avast\aswidsagent.exe
O23 - Service S2: GS-Supporter - (e81a9dc1) - C:\Windows\SysWow64\rundll32.exe "c:\progra~2\gs-ena~1\AssistantSvc.dll",service
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: COMODO Virtual Service Manager - (cmdvirth) - D:\Programs\Comodo firewall\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - (ICCS) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service S3: Microsoft Office Diagnostics Service - (odserv) - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service S3: Microsoft Office Groove Audit Service - D:\Programs\MS Office Enterprise 2007\Office12\GrooveAuditService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
O23 - Service S3: ServiceLayer - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
--
End of file - Time spent: 10,1 sec. - 42976 bytes, CRC32: FFFFFFFF. Sign: 瓞姞