Infected PC

Having a problem with a virus? Paste your FRST or RSIT log here.

tetrevt
Visitor
Posts: 20
Registered: 25 Jul 2011 12:29

#1 Post by tetrevt »

Please help. My antivirus keeps reporting infiltrations, but they cannot be removed.

Logfile of random's system information tool 1.14 (written by random/random)
Run by Tetrev at 2016-11-29 20:04:57
Microsoft Windows 10 Home
System drive C: has 107 GB (11%) free of 953 GB
Total RAM: 8130 MB (74% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:00, on 29.11.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files\trend micro\Tetrev_RSITx64 (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\RunOnce: [20161125] "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" "C:\Program Files\AVAST Software\Avast\f9cad3f6-94c8-44b3-b1f5-942f10ef054a\7b4450aa-5ad2-43c6-b364-2ca86cd6f2b7.dll",_stage2@16
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tetrev\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: @oem39.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13965 bytes

======Enumerating Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\dwm.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4ff78095-5ccf-41f2-b0ae-ea4125bb301c -SystemEventPortName:HostProcess-7d44f1b9-4488-4f2e-abdc-c01aef3132e7 -IoCancelEventPortName:HostProcess-80f2c2d2-9104-484e-9103-2040979b8855 -NonStateChangingEventPortName:HostProcess-331c0c52-abc4-4ddf-a7b9-f72270e9100f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9297b136-9a9d-4ab9-acdc-3d76c8ee2929 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7760f61b-3ccc-4c2c-a937-1eb8cd35377a -SystemEventPortName:HostProcess-c8e8217b-556b-47eb-b62f-353b3b02bac7 -IoCancelEventPortName:HostProcess-03a206db-25d6-4339-8b7c-53c316a89a2d -NonStateChangingEventPortName:HostProcess-91ebbdcf-713b-4a2f-95bb-7f15ac689b60 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:33768ea6-ce7b-4187-891f-4079e48aade4 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
C:\WINDOWS\system32\mqsvc.exe
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
C:\Program Files\CCleaner\CCleaner64.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\fontdrvhost.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:7448
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe151_ Global\UsGthrCtrlFltPipeMssGthrPipe151 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 652 656 664 8192 660
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x474
"C:\Users\Tetrev\Desktop\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core1d236d52b02a18d.job - C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA1d236d52b31b68e.job - C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core.job - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA.job - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\AVG EUpdate Task - avgsetupx.exe /eu
C:\WINDOWS\system32\tasks\AVGPCTuneUp_Task_BkGndMaintenance - C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0)
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core1d236d52b02a18d - C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\system32\tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA1d236d52b31b68e - C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Google Update - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1428853559 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1468633631 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{C99CD5FD-3E42-4576-8499-B423DDC0B0DB} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{C78478A3-3A93-4EA4-8398-CC3ABC0EACCA} - C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Tetrev\Desktop\Live Windows 7 CD\HP USB Formatter.EXE" -d "C:\Users\Tetrev\Desktop\Live Windows 7 CD"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-3374175700-459317722-1100794181-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload
C:\WINDOWS\system32\tasks\ASUS\ASUS Product Register Service - C:\Program Files (x86)\ASUS\APRP\aprp.exe

=========Google Chrome=========

C:\Users\Tetrev\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 2 Avast SafePrice 11.1.0.210
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 2 Avast Online Security 11.1.0.210
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url:
C:\Users\Tetrev\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MIF5BA~1\Office15\GROOVEEX.DLL [2016-10-11 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL [2016-10-11 1743664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-24 8492800]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1794704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 519504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 5583120]
"Dropbox Update"=C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04 143144]
"OneDrive"=C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-24 633024]
"cz.seznam.software.autoupdate"=C:\Users\Tetrev\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Google Update"=C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-29 144200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-03-11 8686296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe []
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"CloneCDTray"=C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-11-24 240400]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-11-14 7830664]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1104104]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20161125"=C:\Program Files\AVAST Software\Avast\aswRunDll.exe [2016-09-09 901992]

C:\Users\Tetrev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-27 17:18:07 ----D---- C:\WINDOWS\LastGood
2016-11-27 13:50:36 ----HD---- C:\$WINDOWS.~BT
2016-11-17 14:46:06 ----D---- C:\WINDOWS\Minidump
2016-11-09 18:15:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-11-09 18:15:43 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\chartv.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\system32\wer.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-11-09 18:15:40 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\system32\weretw.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\ubpm.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 18:15:38 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2016-11-09 18:15:38 ----A---- C:\WINDOWS\system32\WpcTok.exe
2016-11-09 18:15:38 ----A---- C:\WINDOWS\system32\ddraw.dll
2016-11-09 18:15:38 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 18:15:37 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-11-09 18:15:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 18:15:37 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 18:15:37 ----A---- C:\WINDOWS\system32\TSpkg.dll
2016-11-09 18:15:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-09 18:15:36 ----A---- C:\WINDOWS\system32\netplwiz.dll
2016-11-09 18:15:36 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 18:15:35 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\system32\chartv.dll
2016-11-09 18:15:33 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-11-09 18:15:33 ----A---- C:\WINDOWS\system32\wmp.dll
2016-11-09 18:15:32 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-11-09 18:15:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\system32\authui.dll
2016-11-09 18:15:30 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-11-09 18:15:30 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-11-09 18:15:30 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-11-09 18:15:29 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-11-09 18:15:29 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-11-09 18:15:29 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\system32\efsext.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\system32\comdlg32.dll
2016-11-09 18:15:27 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-11-09 18:15:27 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-11-09 18:15:27 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-11-09 18:15:27 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 18:15:26 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-11-09 18:15:26 ----A---- C:\WINDOWS\SYSWOW64\AuthExt.dll
2016-11-09 18:15:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 18:15:19 ----A---- C:\WINDOWS\system32\stobject.dll
2016-11-09 18:15:19 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-11-09 18:15:18 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-11-09 18:15:18 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-11-09 18:15:18 ----A---- C:\WINDOWS\system32\sud.dll
2016-11-09 18:15:18 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-11-09 18:15:17 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-11-09 18:15:17 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\fontext.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-11-09 18:15:15 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-11-09 18:15:15 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 18:15:15 ----A---- C:\WINDOWS\system32\gameux.dll
2016-11-09 18:15:15 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 18:15:15 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-11-09 18:15:14 ----A---- C:\WINDOWS\system32\twinui.dll
2016-11-09 18:15:14 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 18:15:14 ----A---- C:\WINDOWS\explorer.exe
2016-11-09 18:15:13 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 18:15:08 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 18:15:08 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-11-09 18:15:07 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-11-09 18:15:06 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-11-09 18:15:06 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-11-09 18:15:06 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 18:15:06 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 18:15:05 ----A---- C:\WINDOWS\system32\winload.exe
2016-11-09 18:15:05 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 18:15:04 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 18:15:04 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 18:15:04 ----A---- C:\WINDOWS\system32\NPSM.dll
2016-11-09 18:15:04 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-11-09 18:15:03 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 18:15:03 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 18:15:03 ----A---- C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 18:15:01 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 18:15:01 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-11-09 18:15:01 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 18:15:00 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-11-09 18:14:59 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 18:14:58 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-11-09 18:14:57 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-11-09 18:14:57 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2016-11-09 18:14:57 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-11-09 18:14:56 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-11-09 18:14:56 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 18:14:56 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 18:14:55 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 18:14:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 18:14:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 18:14:53 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-11-09 18:14:51 ----A---- C:\WINDOWS\system32\shell32.dll
2016-11-09 18:14:49 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-11-09 18:14:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 18:14:49 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-11-09 18:14:48 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 18:14:48 ----A---- C:\WINDOWS\system32\shdocvw.dll
2016-11-09 18:14:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 18:14:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 18:14:47 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 18:14:46 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 18:14:45 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-11-09 18:14:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 18:14:44 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 18:14:44 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-11-09 18:14:44 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-11-09 18:14:43 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 18:14:42 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-11-09 18:14:41 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 18:14:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 18:14:38 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 18:14:37 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 18:14:37 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-11-09 18:14:37 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 18:14:37 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-11-09 18:14:36 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 18:14:36 ----A---- C:\WINDOWS\system32\cdp.dll
2016-11-09 18:14:35 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-11-09 18:14:30 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 18:14:29 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 18:14:28 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 18:14:27 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-11-09 18:14:26 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 18:14:26 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 18:14:25 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 18:14:25 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 18:14:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 18:14:22 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-11-09 18:14:22 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-11-09 18:14:20 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2016-11-09 18:14:20 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 18:14:20 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 18:14:19 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-11-09 18:14:19 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 18:14:19 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-11-09 18:14:18 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 18:14:17 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetailsUpdate.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-11-09 18:14:14 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-11-09 18:14:13 ----A---- C:\WINDOWS\system32\winresume.exe
2016-11-09 18:14:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 18:14:12 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-11-09 18:14:12 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-11-09 18:14:12 ----A---- C:\WINDOWS\system32\msinfo32.exe
2016-11-09 18:14:11 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 18:14:11 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 18:14:11 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2016-11-09 18:14:11 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-11-09 18:14:11 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 18:14:10 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-11-09 18:14:10 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-11-09 18:14:10 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 18:14:09 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-11-09 18:14:06 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-11-09 18:14:06 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 18:14:06 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-11-09 18:14:05 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 18:14:05 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-11-09 18:14:05 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 18:14:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-11-09 18:14:04 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\gdi32full.dll
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\drivers\iorate.sys
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 18:14:01 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 18:14:01 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 18:14:00 ----A---- C:\WINDOWS\SYSWOW64\ddraw.dll
2016-11-09 18:14:00 ----A---- C:\WINDOWS\SYSWOW64\d3d8.dll
2016-11-09 18:14:00 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-11-09 18:13:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-11-09 18:13:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 18:13:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-11-09 18:13:57 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-11-09 18:13:56 ----A---- C:\WINDOWS\system32\atmlib.dll

======List of files/folders modified in the last 1 month======

2016-11-29 20:05:00 ----D---- C:\Program Files\trend micro
2016-11-29 19:45:07 ----D---- C:\WINDOWS\Temp
2016-11-29 19:36:00 ----D---- C:\WINDOWS\system32\sru
2016-11-29 18:57:18 ----D---- C:\WINDOWS\system32\SleepStudy
2016-11-29 17:16:29 ----D---- C:\WINDOWS\system32\drivers
2016-11-29 16:57:12 ----D---- C:\WINDOWS\Prefetch
2016-11-29 09:31:01 ----HD---- C:\Program Files\WindowsApps
2016-11-29 09:30:19 ----D---- C:\WINDOWS\AppReadiness
2016-11-29 09:28:52 ----RD---- C:\WINDOWS\Microsoft.NET
2016-11-28 17:09:16 ----AD---- C:\Program Files (x86)\TeamViewer
2016-11-28 14:17:43 ----SHDC---- C:\WINDOWS\Installer
2016-11-28 14:15:42 ----D---- C:\WINDOWS\WinSxS
2016-11-27 19:46:32 ----AD---- C:\Program Files (x86)\Opera
2016-11-27 17:18:24 ----D---- C:\WINDOWS\system32\CatRoot
2016-11-27 17:18:24 ----D---- C:\WINDOWS\INF
2016-11-27 17:18:23 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-27 17:18:07 ----D---- C:\WINDOWS\system32\catroot2
2016-11-27 17:18:07 ----D---- C:\Windows
2016-11-27 09:30:24 ----SHD---- C:\System Volume Information
2016-11-26 12:33:58 ----D---- C:\Users\Tetrev\AppData\Roaming\Seznam.cz
2016-11-26 12:30:43 ----D---- C:\WINDOWS\System32
2016-11-26 12:30:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-26 12:25:45 ----D---- C:\ProgramData\NVIDIA
2016-11-25 19:45:06 ----D---- C:\WINDOWS\system32\Tasks
2016-11-25 13:45:30 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2016-11-23 17:33:54 ----HD---- C:\ProgramData
2016-11-17 14:41:44 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-15 16:19:49 ----D---- C:\WINDOWS\system32\config
2016-11-12 09:42:13 ----D---- C:\WINDOWS\rescache
2016-11-12 09:37:11 ----RSD---- C:\WINDOWS\assembly
2016-11-11 21:34:30 ----D---- C:\Users\Tetrev\AppData\Roaming\Dropbox
2016-11-09 20:11:07 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 20:11:06 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-09 20:11:06 ----D---- C:\WINDOWS\SysWOW64
2016-11-09 20:11:01 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 20:11:01 ----D---- C:\WINDOWS\system32\oobe
2016-11-09 20:11:01 ----D---- C:\WINDOWS\system32\migwiz
2016-11-09 20:11:01 ----D---- C:\WINDOWS\system32\migration
2016-11-09 20:10:57 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-09 20:10:57 ----D---- C:\WINDOWS\system32\Boot
2016-11-09 20:10:56 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-11-09 20:10:56 ----D---- C:\WINDOWS\ShellExperiences
2016-11-09 20:10:56 ----D---- C:\WINDOWS\bcastdvr
2016-11-09 20:10:56 ----D---- C:\WINDOWS\AppPatch
2016-11-09 18:32:06 ----D---- C:\WINDOWS\CbsTemp
2016-11-09 18:27:48 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 18:21:05 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 18:21:00 ----D---- C:\ProgramData\Microsoft Help
2016-11-05 21:14:10 ----A---- C:\WINDOWS\win.ini
2016-11-04 20:53:52 ----D---- C:\WINDOWS\Tasks
2016-11-04 19:58:33 ----D---- C:\WINDOWS\system32\drivers\UMDF

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-09 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2016-03-11 116000]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2016-03-11 269600]
R1 AsIO;AsIO; SysWow64\drivers\AsIO.sys []
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-09 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-09 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-14 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-23 513632]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-09 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-09 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2016-03-11 367200]
R3 bcbtums;@oem39.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2015-09-21 173312]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-24 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-09-15 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-24 84992]
R3 dtlitescsibus;@oem38.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-04-12 30352]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 MonitorFunction;@oem8.inf,%MonitorFunction_SvcDesc%;Driver for Monitor; C:\WINDOWS\System32\drivers\TVMonitor.sys [2015-11-16 16376]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-09-24 175616]
R3 NVHDA;@oem55.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-08-26 240704]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [2016-08-26 13754936]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-09 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-10-15 967168]
S3 btwampfl;@oem39.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2015-09-21 188160]
S3 dg_ssudbus;@oem42.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-24 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mvusbews;@oem15.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;@oem23.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144688]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2016-03-11 3869688]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2015-12-04 936728]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-09 197128]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-11-24 1146128]
R2 BcmBtRSupport;@oem39.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2015-09-21 2251992]
R2 CDPUserSvc_df33c;CDPUserSvc_df33c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-07-30 204552]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-09-24 26112]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_df33c;Hostitel synchronizace_df33c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-07-23 410768]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7149264]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
R3 PimIndexMaintenanceSvc_df33c;Data kontaktů_df33c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_df33c;Služba zasílání zpráv_df33c; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< (search) and then >Clean< (delete).
The scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

tetrevt
Visitor
Posts: 20
Joined: 25 Jul 2011 12:29

Re: infected PC

#3 Post by tetrevt »

# AdwCleaner v6.030 - Log soubor vytvořen 29/11/2016 na 20:57:01
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-28.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Tetrev - TETREV-PC
# Beží od : C:\Users\Tetrev\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Program Files (x86)\CinemaP-1.9cV09.11
[-] Adresář smazán:C:\Users\Tetrev\AppData\Roaming\OpenCandy
[-] Adresář smazán:C:\Users\Tetrev\AppData\Roaming\RHEng


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\CinemaP-1.9cV09.11
[#] Klíč smazán po restartování:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\CinemaP-1.9cV09.11_is1
[#] Klíč smazán po restartování:HKCU\Software\CinemaP-1.9cV09.11
[#] Klíč smazán po restartování:HKCU\Software\CinemaP-1.9cV09.11_is1
[-] Klíč smazán:HKLM\SOFTWARE\CinemaP-1.9cV09.11
[#] Klíč smazán po restartování:HKLM\SOFTWARE\CinemaP-1.9cV09.11_is1
[#] Klíč smazán po restartování:[x64] HKCU\Software\CinemaP-1.9cV09.11
[#] Klíč smazán po restartování:[x64] HKCU\Software\CinemaP-1.9cV09.11_is1
[-] Klíč smazán:HKLM\SOFTWARE\829d1f93-71a5-4522-8aba-58d0756b7541
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Klíč smazán:HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Klíč smazán:HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\ArenaHD
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\GlobalUpdate
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\HighDefAction
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\InstalledBrowserExtensions
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\YorkNewCin
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\AppDataLow\Software\Crossrider
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Klíč smazán:HKU\S-1-5-21-3374175700-459317722-1100794181-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Installer
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[#] Klíč smazán po restartování:HKCU\Software\ArenaHD
[#] Klíč smazán po restartování:HKCU\Software\GlobalUpdate
[#] Klíč smazán po restartování:HKCU\Software\HighDefAction
[#] Klíč smazán po restartování:HKCU\Software\InstalledBrowserExtensions
[#] Klíč smazán po restartování:HKCU\Software\YorkNewCin
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[#] Klíč smazán po restartování:HKCU\Software\AppDataLow\Software\Crossrider
[-] Klíč smazán:HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Klíč smazán:HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Klíč smazán:HKLM\SOFTWARE\ArenaHD
[-] Klíč smazán:HKLM\SOFTWARE\GlobalUpdate
[-] Klíč smazán:HKLM\SOFTWARE\HighDefAction
[-] Klíč smazán:HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč smazán:HKLM\SOFTWARE\YorkNewCin
[#] Klíč smazán po restartování:[x64] HKCU\Software\ArenaHD
[#] Klíč smazán po restartování:[x64] HKCU\Software\GlobalUpdate
[#] Klíč smazán po restartování:[x64] HKCU\Software\HighDefAction
[#] Klíč smazán po restartování:[x64] HKCU\Software\InstalledBrowserExtensions
[#] Klíč smazán po restartování:[x64] HKCU\Software\YorkNewCin
[#] Klíč smazán po restartování:[x64] HKCU\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[#] Klíč smazán po restartování:[x64] HKCU\Software\AppDataLow\Software\Crossrider
[-] Klíč smazán:[x64] HKLM\SOFTWARE\ArenaHD
[-] Klíč smazán:[x64] HKLM\SOFTWARE\HighDefAction
[-] Klíč smazán:[x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč smazán:[x64] HKLM\SOFTWARE\YorkNewCin
[-] Klíč smazán:HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Klíč smazán:HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9231 Bajtů] - [29/11/2016 20:57:01]
C:\AdwCleaner\AdwCleaner[S0].txt - [8991 Bajtů] - [29/11/2016 20:41:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [9379 Bajtů] ##########

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#4 Post by Rudy »


tetrevt
Visitor
Posts: 20
Joined: 25 Jul 2011 12:29

Re: infected PC

#5 Post by tetrevt »

Logfile of random's system information tool 1.14 (written by random/random)
Run by Tetrev at 2016-12-04 11:15:30
Microsoft Windows 10 Home
System drive C: has 106 GB (11%) free of 953 GB
Total RAM: 8130 MB (75% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:15:32, on 4.12.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files\trend micro\Tetrev_RSITx64 (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [HPUsageTrackingLEDM] "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Tetrev\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Google Update] "C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: @oem39.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13811 bytes

======Enumerating Processes======

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5f2fa837-ed85-4fb8-a108-0b8a428d5e48 -SystemEventPortName:HostProcess-2f795684-67aa-48ed-951f-c60276e3057f -IoCancelEventPortName:HostProcess-6fa8eb23-1ade-4604-a0a2-41fe4667a036 -NonStateChangingEventPortName:HostProcess-b9742425-7a08-40ab-a798-c530f228f1d2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:475ecaef-61f5-446d-9a76-494d681c25f4 -DeviceGroupId:WudfDefaultDevicePool
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-ec88d33b-a736-4ec5-921e-dd0fc3a9155d -SystemEventPortName:HostProcess-fc9b4109-b842-4f79-8dd5-cd2069667412 -IoCancelEventPortName:HostProcess-df68db6e-b018-48c2-bc09-d3814d2e361a -NonStateChangingEventPortName:HostProcess-4ebc94f0-7bcd-4f33-aa8c-14a8368ab6df -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3ff6b0a4-d7a6-4fe4-b360-e38548d8e28d -DeviceGroupId:WpdFsGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\BtwRSupportService.exe
"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
"C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe" /TUStart /pid:2788
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
C:\WINDOWS\system32\fontdrvhost.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1611.3123.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x3fc
"C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe" /firstrunupdate 0
C:\WINDOWS\system32\DllHost.exe /Processid:{49F6E667-6658-4BD1-9DE9-6AF87F9FAF85}
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly /fmw.clear_cache
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\WINDOWS\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tetrev\Desktop\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core1d236d52b02a18d.job - C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA1d236d52b31b68e.job - C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core.job - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA.job - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\WINDOWS\system32\tasks\avast! Emergency Update - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\tasks\AVG EUpdate Task - avgsetupx.exe /eu
C:\WINDOWS\system32\tasks\AVGPCTuneUp_Task_BkGndMaintenance - C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe $(Arg0)
C:\WINDOWS\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\WINDOWS\system32\tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core1d236d52b02a18d - C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\system32\tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA1d236d52b31b68e - C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\Google Update - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA - C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\OneDrive Standalone Update Task - C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
C:\WINDOWS\system32\tasks\Opera scheduled Autoupdate 1428853559 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1468633631 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{C99CD5FD-3E42-4576-8499-B423DDC0B0DB} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\{C78478A3-3A93-4EA4-8398-CC3ABC0EACCA} - C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Tetrev\Desktop\Live Windows 7 CD\HP USB Formatter.EXE" -d "C:\Users\Tetrev\Desktop\Live Windows 7 CD"
C:\WINDOWS\system32\tasks\WPD\SqmUpload_S-1-5-21-3374175700-459317722-1100794181-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTask - %windir%\System32\XblGameSaveTask.exe standby
C:\WINDOWS\system32\tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon - %windir%\System32\XblGameSaveTask.exe logon
C:\WINDOWS\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join - %SystemRoot%\System32\dsregcmd.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sih - %systemroot%\System32\sihclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\sihboot - %systemroot%\System32\sihclient.exe /boot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCacheMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdCleanup
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification - %ProgramFiles%\Windows Defender\MpCmdRun.exe -IdleTask -TaskName WdVerification
C:\WINDOWS\system32\tasks\Microsoft\Windows\WCM\WiFiTask - %SystemRoot%\System32\WiFiTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install - %systemroot%\system32\usoclient.exe StartInstall
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Reboot - %systemroot%\system32\MusNotification.exe Reboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Refresh Settings - %systemroot%\system32\usoclient.exe RefreshSettings
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot - %systemroot%\system32\usoclient.exe ResumeUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan - %systemroot%\system32\usoclient.exe StartScan
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display - C:\windows\system32\MusNotification.exe Display
C:\WINDOWS\system32\tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot - C:\windows\system32\MusNotification.exe ReadyToReboot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Optimization - %windir%\system32\defrag.exe -c -h -g -# -m 8 -i 13500
C:\WINDOWS\system32\tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask - %windir%\system32\speech_onecore\common\SpeechModelDownload.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceManagerTask - %windir%\system32\spaceman.exe /Work
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\SharedPC\Account Cleanup - %windir%\System32\rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemovalTools\MRT_HB - C:\WINDOWS\system32\MRT.exe /EHB /Q
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NlaSvc\WiFiTask - %SystemRoot%\System32\WiFiTask.exe nla
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\WINDOWS\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Management\Provisioning\Logon - %windir%\system32\ProvTool.exe /turn 5
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClient - %windir%\system32\dmclient.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload - %windir%\system32\dmclient.exe utcwnf
C:\WINDOWS\system32\tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask - %windir%\system32\MDMAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DUSM\dusmtask - %SystemRoot%\System32\dusmtask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskFootprint\Diagnostics - %windir%\system32\disksnapshot.exe -z
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Device Information\Device - %windir%\system32\devicecensus.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Clip\License Validation - %SystemRoot%\system32\ClipUp.exe -p -s -o
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierdaily - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\appuriverifierinstall - %windir%\system32\AppHostRegistrationVerifier.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup - %windir%\system32\dstokenclean.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattelrunner.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\WINDOWS\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload
C:\WINDOWS\system32\tasks\ASUS\ASUS Product Register Service - C:\Program Files (x86)\ASUS\APRP\aprp.exe

=========Google Chrome=========

C:\Users\Tetrev\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 2 Avast SafePrice 11.1.0.210
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension gomekmidlodglbbmalcneegieacbdmki 2 Avast Online Security 11.1.0.210
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage:
default_search_provider.search_url:
C:\Users\Tetrev\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MIF5BA~1\Office15\GROOVEEX.DLL [2016-10-11 2351920]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27 163528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MIF5BA~1\Office15\GROOVEEX.DLL [2016-10-11 1743664]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-24 8492800]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1794704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-08-21 519504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 5583120]
"Dropbox Update"=C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-04 143144]
"OneDrive"=C:\Users\Tetrev\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-24 633024]
"cz.seznam.software.autoupdate"=C:\Users\Tetrev\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Google Update"=C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-29 144200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-03-11 8686296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe []
""= []
"HPUsageTrackingLEDM"=C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [2009-10-15 30264]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-11-15 9080768]
"CloneCDTray"=C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [2009-01-29 57344]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-12-01 240400]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-11-14 7830664]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1104104]

C:\Users\Tetrev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableUIADesktopToggle"=0
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
"StubPath"=%SystemRoot%\inf\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-29 20:39:08 ----D---- C:\AdwCleaner
2016-11-27 17:18:07 ----D---- C:\WINDOWS\LastGood.Tmp
2016-11-27 13:50:36 ----HD---- C:\$WINDOWS.~BT
2016-11-17 14:46:06 ----D---- C:\WINDOWS\Minidump
2016-11-09 18:15:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2016-11-09 18:15:43 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\system32\usercpl.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\system32\oleaut32.dll
2016-11-09 18:15:42 ----A---- C:\WINDOWS\system32\ole32.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\chartv.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\system32\wer.dll
2016-11-09 18:15:41 ----A---- C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2016-11-09 18:15:40 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\system32\weretw.dll
2016-11-09 18:15:40 ----A---- C:\WINDOWS\system32\asycfilt.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\ubpm.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2016-11-09 18:15:39 ----A---- C:\WINDOWS\system32\drivers\bowser.sys
2016-11-09 18:15:38 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2016-11-09 18:15:38 ----A---- C:\WINDOWS\system32\WpcTok.exe
2016-11-09 18:15:38 ----A---- C:\WINDOWS\system32\ddraw.dll
2016-11-09 18:15:38 ----A---- C:\WINDOWS\system32\dab.dll
2016-11-09 18:15:37 ----A---- C:\WINDOWS\SYSWOW64\wininetlui.dll
2016-11-09 18:15:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 18:15:37 ----A---- C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 18:15:37 ----A---- C:\WINDOWS\system32\TSpkg.dll
2016-11-09 18:15:36 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-11-09 18:15:36 ----A---- C:\WINDOWS\system32\netplwiz.dll
2016-11-09 18:15:36 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 18:15:35 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-11-09 18:15:34 ----A---- C:\WINDOWS\system32\chartv.dll
2016-11-09 18:15:33 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-11-09 18:15:33 ----A---- C:\WINDOWS\system32\wmp.dll
2016-11-09 18:15:32 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-11-09 18:15:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\twinapi.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\gameux.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\fontext.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\SYSWOW64\DevicePairing.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\system32\twinapi.dll
2016-11-09 18:15:31 ----A---- C:\WINDOWS\system32\authui.dll
2016-11-09 18:15:30 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2016-11-09 18:15:30 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2016-11-09 18:15:30 ----A---- C:\WINDOWS\SYSWOW64\hgcpl.dll
2016-11-09 18:15:29 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-11-09 18:15:29 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2016-11-09 18:15:29 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\system32\rdpcore.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\system32\ListSvc.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\system32\efsext.dll
2016-11-09 18:15:28 ----A---- C:\WINDOWS\system32\comdlg32.dll
2016-11-09 18:15:27 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2016-11-09 18:15:27 ----A---- C:\WINDOWS\SYSWOW64\rdpcore.dll
2016-11-09 18:15:27 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-11-09 18:15:27 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2016-11-09 18:15:26 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2016-11-09 18:15:26 ----A---- C:\WINDOWS\SYSWOW64\AuthExt.dll
2016-11-09 18:15:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 18:15:19 ----A---- C:\WINDOWS\system32\stobject.dll
2016-11-09 18:15:19 ----A---- C:\WINDOWS\system32\AudioEng.dll
2016-11-09 18:15:18 ----A---- C:\WINDOWS\SYSWOW64\usercpl.dll
2016-11-09 18:15:18 ----A---- C:\WINDOWS\system32\themecpl.dll
2016-11-09 18:15:18 ----A---- C:\WINDOWS\system32\sud.dll
2016-11-09 18:15:18 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-11-09 18:15:17 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-11-09 18:15:17 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\zipfldr.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\hgcpl.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\fontext.dll
2016-11-09 18:15:16 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-11-09 18:15:15 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2016-11-09 18:15:15 ----A---- C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 18:15:15 ----A---- C:\WINDOWS\system32\gameux.dll
2016-11-09 18:15:15 ----A---- C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 18:15:15 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-11-09 18:15:14 ----A---- C:\WINDOWS\system32\twinui.dll
2016-11-09 18:15:14 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 18:15:14 ----A---- C:\WINDOWS\explorer.exe
2016-11-09 18:15:13 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 18:15:08 ----A---- C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 18:15:08 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-11-09 18:15:07 ----A---- C:\WINDOWS\SYSWOW64\InstallAgentUserBroker.exe
2016-11-09 18:15:06 ----A---- C:\WINDOWS\SYSWOW64\StoreAgent.dll
2016-11-09 18:15:06 ----A---- C:\WINDOWS\SYSWOW64\InstallAgent.exe
2016-11-09 18:15:06 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 18:15:06 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 18:15:05 ----A---- C:\WINDOWS\system32\winload.exe
2016-11-09 18:15:05 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 18:15:04 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 18:15:04 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 18:15:04 ----A---- C:\WINDOWS\system32\NPSM.dll
2016-11-09 18:15:04 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-11-09 18:15:03 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 18:15:03 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 18:15:03 ----A---- C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 18:15:01 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2016-11-09 18:15:01 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2016-11-09 18:15:01 ----A---- C:\WINDOWS\SYSWOW64\asycfilt.dll
2016-11-09 18:15:00 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2016-11-09 18:14:59 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2016-11-09 18:14:58 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-11-09 18:14:57 ----A---- C:\WINDOWS\SYSWOW64\indexeddbserver.dll
2016-11-09 18:14:57 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2016-11-09 18:14:57 ----A---- C:\WINDOWS\SYSWOW64\ActionCenterCPL.dll
2016-11-09 18:14:56 ----A---- C:\WINDOWS\system32\ntshrui.dll
2016-11-09 18:14:56 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 18:14:56 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 18:14:55 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 18:14:53 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-11-09 18:14:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-11-09 18:14:53 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2016-11-09 18:14:51 ----A---- C:\WINDOWS\system32\shell32.dll
2016-11-09 18:14:49 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-11-09 18:14:49 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-11-09 18:14:49 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-11-09 18:14:48 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-11-09 18:14:48 ----A---- C:\WINDOWS\system32\shdocvw.dll
2016-11-09 18:14:47 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-11-09 18:14:47 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-11-09 18:14:47 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 18:14:46 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 18:14:45 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2016-11-09 18:14:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-11-09 18:14:44 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-11-09 18:14:44 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-11-09 18:14:44 ----A---- C:\WINDOWS\system32\FSClient.dll
2016-11-09 18:14:43 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-11-09 18:14:42 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-11-09 18:14:41 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\system32\FrameServer.dll
2016-11-09 18:14:40 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 18:14:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-11-09 18:14:38 ----A---- C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 18:14:37 ----A---- C:\WINDOWS\system32\wininet.dll
2016-11-09 18:14:37 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-11-09 18:14:37 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-11-09 18:14:37 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-11-09 18:14:36 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 18:14:36 ----A---- C:\WINDOWS\system32\cdp.dll
2016-11-09 18:14:35 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-11-09 18:14:30 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 18:14:29 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 18:14:28 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 18:14:27 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2016-11-09 18:14:26 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-11-09 18:14:26 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 18:14:25 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 18:14:25 ----A---- C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 18:14:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 18:14:22 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-11-09 18:14:22 ----A---- C:\WINDOWS\system32\mstsc.exe
2016-11-09 18:14:20 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2016-11-09 18:14:20 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 18:14:20 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 18:14:19 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-11-09 18:14:19 ----A---- C:\WINDOWS\SYSWOW64\input.dll
2016-11-09 18:14:19 ----A---- C:\WINDOWS\system32\wifitask.exe
2016-11-09 18:14:18 ----A---- C:\WINDOWS\SYSWOW64\UIAnimation.dll
2016-11-09 18:14:17 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetailsUpdate.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\SYSWOW64\ErrorDetails.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 18:14:16 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 18:14:15 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-11-09 18:14:14 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2016-11-09 18:14:13 ----A---- C:\WINDOWS\system32\winresume.exe
2016-11-09 18:14:12 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-11-09 18:14:12 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2016-11-09 18:14:12 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-11-09 18:14:12 ----A---- C:\WINDOWS\system32\msinfo32.exe
2016-11-09 18:14:11 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-11-09 18:14:11 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2016-11-09 18:14:11 ----A---- C:\WINDOWS\SYSWOW64\msinfo32.exe
2016-11-09 18:14:11 ----A---- C:\WINDOWS\SYSWOW64\FSClient.dll
2016-11-09 18:14:11 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 18:14:10 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2016-11-09 18:14:10 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-11-09 18:14:10 ----A---- C:\WINDOWS\system32\msctf.dll
2016-11-09 18:14:09 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-11-09 18:14:06 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-11-09 18:14:06 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-11-09 18:14:06 ----A---- C:\WINDOWS\system32\d3d9.dll
2016-11-09 18:14:05 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 18:14:05 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-11-09 18:14:05 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-11-09 18:14:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-11-09 18:14:04 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\gdi32full.dll
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 18:14:04 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\SYSWOW64\BcastDVRHelper.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 18:14:03 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\win32k.sys
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\drivers\iorate.sys
2016-11-09 18:14:02 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-11-09 18:14:01 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 18:14:01 ----A---- C:\WINDOWS\system32\input.dll
2016-11-09 18:14:00 ----A---- C:\WINDOWS\SYSWOW64\ddraw.dll
2016-11-09 18:14:00 ----A---- C:\WINDOWS\SYSWOW64\d3d8.dll
2016-11-09 18:14:00 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-11-09 18:13:59 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2016-11-09 18:13:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 18:13:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2016-11-09 18:13:57 ----A---- C:\WINDOWS\SYSWOW64\AppCapture.dll
2016-11-09 18:13:56 ----A---- C:\WINDOWS\system32\atmlib.dll

======List of files/folders modified in the last 1 month======

2016-12-04 11:15:32 ----D---- C:\Program Files\trend micro
2016-12-04 11:12:00 ----D---- C:\WINDOWS\system32\sru
2016-12-04 11:10:58 ----D---- C:\WINDOWS\Temp
2016-12-04 11:10:58 ----D---- C:\WINDOWS\system32\SleepStudy
2016-12-04 09:17:47 ----D---- C:\WINDOWS\system32\config
2016-12-04 09:14:27 ----RD---- C:\WINDOWS\Microsoft.NET
2016-12-03 17:46:34 ----D---- C:\WINDOWS\system32\drivers
2016-12-03 13:30:55 ----D---- C:\WINDOWS\AppReadiness
2016-12-02 21:11:31 ----D---- C:\WINDOWS\Prefetch
2016-12-02 18:02:13 ----SHDC---- C:\WINDOWS\Installer
2016-12-02 09:31:12 ----HD---- C:\Program Files\WindowsApps
2016-12-01 19:44:12 ----D---- C:\Users\Tetrev\AppData\Roaming\Dropbox
2016-12-01 13:35:16 ----HD---- C:\ProgramData
2016-11-30 12:43:08 ----D---- C:\Users\Tetrev\AppData\Roaming\Seznam.cz
2016-11-30 12:37:10 ----D---- C:\WINDOWS\System32
2016-11-30 12:37:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-30 12:33:00 ----D---- C:\ProgramData\NVIDIA
2016-11-29 20:57:55 ----D---- C:\Windows
2016-11-29 20:57:19 ----D---- C:\WINDOWS\system32\catroot2
2016-11-29 20:56:28 ----RD---- C:\Program Files (x86)
2016-11-28 17:09:16 ----AD---- C:\Program Files (x86)\TeamViewer
2016-11-28 14:15:42 ----D---- C:\WINDOWS\WinSxS
2016-11-27 19:46:32 ----AD---- C:\Program Files (x86)\Opera
2016-11-27 17:18:24 ----D---- C:\WINDOWS\system32\CatRoot
2016-11-27 17:18:24 ----D---- C:\WINDOWS\INF
2016-11-27 17:18:23 ----D---- C:\WINDOWS\system32\DriverStore
2016-11-27 09:30:24 ----SHD---- C:\System Volume Information
2016-11-25 19:45:06 ----D---- C:\WINDOWS\system32\Tasks
2016-11-25 13:45:30 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2016-11-17 14:41:44 ----D---- C:\WINDOWS\LiveKernelReports
2016-11-12 09:42:13 ----D---- C:\WINDOWS\rescache
2016-11-12 09:37:11 ----RSD---- C:\WINDOWS\assembly
2016-11-09 20:11:07 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-11-09 20:11:06 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-11-09 20:11:06 ----D---- C:\WINDOWS\SysWOW64
2016-11-09 20:11:01 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 20:11:01 ----D---- C:\WINDOWS\system32\oobe
2016-11-09 20:11:01 ----D---- C:\WINDOWS\system32\migwiz
2016-11-09 20:11:01 ----D---- C:\WINDOWS\system32\migration
2016-11-09 20:10:57 ----D---- C:\WINDOWS\system32\cs-CZ
2016-11-09 20:10:57 ----D---- C:\WINDOWS\system32\Boot
2016-11-09 20:10:56 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-11-09 20:10:56 ----D---- C:\WINDOWS\ShellExperiences
2016-11-09 20:10:56 ----D---- C:\WINDOWS\bcastdvr
2016-11-09 20:10:56 ----D---- C:\WINDOWS\AppPatch
2016-11-09 18:32:06 ----D---- C:\WINDOWS\CbsTemp
2016-11-09 18:27:48 ----D---- C:\WINDOWS\system32\MRT
2016-11-09 18:21:05 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-11-09 18:21:00 ----D---- C:\ProgramData\Microsoft Help
2016-11-05 21:14:10 ----A---- C:\WINDOWS\win.ini

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-09-09 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-10-13 293352]
R0 fltsrv;Acronis Storage Filter Management; C:\WINDOWS\system32\DRIVERS\fltsrv.sys [2016-03-11 116000]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2016-03-11 269600]
R1 AsIO;AsIO; SysWow64\drivers\AsIO.sys []
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-09-09 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-09-09 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-09-14 969184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-09-23 513632]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-09-09 108816]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-09-09 163416]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2016-03-11 367200]
R3 bcbtums;@oem39.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2015-09-21 173312]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2016-09-24 114176]
R3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-09-15 249856]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2016-10-05 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2016-09-24 84992]
R3 dtlitescsibus;@oem38.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2015-04-12 30352]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 MonitorFunction;@oem8.inf,%MonitorFunction_SvcDesc%;Driver for Monitor; C:\WINDOWS\System32\drivers\TVMonitor.sys [2015-11-16 16376]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-09-24 175616]
R3 NVHDA;@oem55.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2016-08-26 240704]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [2016-08-26 13754936]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2016-07-16 183808]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2016-07-16 88416]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-09-09 37656]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-10-15 967168]
S3 btwampfl;@oem39.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2015-09-21 188160]
S3 dg_ssudbus;@oem42.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-09-24 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mvusbews;@oem15.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;@oem23.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 311656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-08-21 1144688]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2016-03-11 3869688]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; %windir%\system32\svchost.exe -k apphost;"ServiceDll"=%windir%\system32\inetsrv\apphostsvc.dll
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2015-12-04 936728]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-09-09 197128]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-12-01 1146128]
R2 BcmBtRSupport;@oem39.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2015-09-21 2251992]
R2 CDPUserSvc_a915b;CDPUserSvc_a915b; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-10-15 136192]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-03-28 89840]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2013-07-30 204552]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-09-24 26112]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-08-01 1365048]
R2 OneSyncSvc_a915b;Hostitel synchronizace_a915b; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-07-23 410768]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7149264]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
R3 PimIndexMaintenanceSvc_a915b;Data kontaktů_a915b; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=%SystemRoot%\System32\CDPUserSvc.dll
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2016-07-16 136360]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2016-07-16 52920]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; %SystemRoot%\System32\svchost.exe -k Camera;"ServiceDll"=%SystemRoot%\system32\FrameServer.dll
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\hvhostsvc.dll
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\irmon.dll
S3 MessagingService_a915b;Služba zasílání zpráv_a915b; C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup;"ServiceDll"=
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\RMapi.dll
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; %SystemRoot%\System32\svchost.exe -k netsvcs;"ServiceDll"=%systemroot%\system32\Windows.SharedPC.AccountManager.dll
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
S4 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Rudy
Site Admin
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: virus-infected PC

#6 Post by Rudy »

Rudy wrote: Now post the FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
This is not FRST but RSIT. On Windows 10 I cannot do removals based on it. I would risk damaging the system.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

tetrevt
Visitor
Visitor
Posts: 20
Registered: 25 Jul 2011 12:29

Re: virus-infected PC

#7 Post by tetrevt »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-12-2016
Ran by Tetrev (administrator) on TETREV-PC (04-12-2016 12:02:24)
Running from C:\Users\Tetrev\Desktop
Loaded Profiles: Tetrev (Available Profiles: Tetrev & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(HP) C:\Program Files (x86)\Hp\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Dropbox, Inc.) C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
() C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.261.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1611.3123.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Dropbox, Inc.) C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Tetrev\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Služba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519504 2013-08-21] (Acronis)
HKLM-x32\...\Run: [USB3MON] => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-10-15] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-01] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7830664 2013-11-14] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104104 2013-10-10] (Acronis International GmbH)
HKU\S-1-5-21-3374175700-459317722-1100794181-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-3374175700-459317722-1100794181-1000\...\Run: [Dropbox Update] => C:\Users\Tetrev\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc.)
HKU\S-1-5-21-3374175700-459317722-1100794181-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Tetrev\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3374175700-459317722-1100794181-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Tetrev\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3374175700-459317722-1100794181-1000\...\Run: [Google Update] => C:\Users\Tetrev\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-12-29] (Google Inc.)
HKU\S-1-5-21-3374175700-459317722-1100794181-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll [2016-11-28] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
Startup: C:\Users\Tetrev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-12-01]
ShortcutTarget: Dropbox.lnk -> C:\Users\Tetrev\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9aecc2db-d2ad-4423-ae49-98bf91faa07c}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {03198403-BBCC-45D1-8F0F-91BD265F9720} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {293B4A13-3B9D-4EED-98D8-507C323813BD} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {4862DF6F-B9EC-4C29-B41B-0E32A8839763} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {683AE904-EC27-4D48-9EC7-3AEF75F1D582} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {70323CA1-AEF3-40A2-871B-F3BD0845B447} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {7641DA3C-2F98-4D7D-A28E-8B95711AFED4} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {A22F18C4-E7C6-4452-8352-90B6413B89C2} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {A7B28518-1D08-4F75-8592-829FE9DF5A7C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-3374175700-459317722-1100794181-1000 -> {E51825BD-343E-4988-AB9F-08FE9957C641} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-10-11] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3374175700-459317722-1100794181-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Tetrev\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3374175700-459317722-1100794181-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Tetrev\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tetrev\AppData\Local\Google\Chrome\User Data\Default [2016-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tetrev\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Chrome Media Router) - C:\Users\Tetrev\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera:
=======
OPR Extension: (Opera Bookmarks Share Portal) - C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi [2015-11-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-04] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-01] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2251992 2015-09-21] (Broadcom Corporation.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136192 2009-10-15] (HP) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4788496 2016-11-25] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-04] ()
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-09-23] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [173312 2015-09-21] (Broadcom Corporation.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30352 2015-04-12] (Disc Soft Ltd)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-26] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2016-03-11] (Acronis International GmbH)
S0 tib_mounter; C:\WINDOWS\System32\DRIVERS\tib_mounter.sys [198432 2016-03-11] (Acronis International GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [127456 2016-03-04] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [205784 2016-03-04] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [134800 2016-03-04] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-11-14] (Wellbia.com Co., Ltd.)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-04 12:02 - 2016-12-04 12:02 - 00024722 _____ C:\Users\Tetrev\Desktop\FRST.txt
2016-12-04 12:01 - 2016-12-04 12:01 - 00067469 _____ C:\Users\Tetrev\Desktop\FRST3.txt
2016-12-04 11:59 - 2016-12-04 12:00 - 00059105 _____ C:\Users\Tetrev\Desktop\Addition.txt
2016-12-04 11:58 - 2016-12-04 12:02 - 00000000 ____D C:\FRST
2016-12-04 11:57 - 2016-12-04 11:58 - 00112640 _____ (forum.viry.cz) C:\Users\Tetrev\Desktop\FRSTLauncher.exe
2016-12-04 11:55 - 2016-12-04 11:58 - 02411520 _____ (Farbar) C:\Users\Tetrev\Desktop\FRST64.exe
2016-12-01 19:43 - 2016-12-01 19:43 - 00000000 ____D C:\Users\Tetrev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-29 20:39 - 2016-11-29 20:57 - 00000000 ____D C:\AdwCleaner
2016-11-29 20:39 - 2016-11-29 20:39 - 03910208 _____ C:\Users\Tetrev\Desktop\adwcleaner_6.030.exe
2016-11-29 20:38 - 2016-11-29 20:38 - 03910208 _____ C:\Users\Tetrev\Downloads\adwcleaner_6.030.exe
2016-11-29 20:04 - 2016-11-29 20:04 - 01323520 _____ C:\Users\Tetrev\Downloads\RSITx64 (1).exe
2016-11-29 20:04 - 2016-11-29 20:04 - 01323520 _____ C:\Users\Tetrev\Desktop\RSITx64 (1).exe
2016-11-29 19:36 - 2016-11-29 19:36 - 00319912 _____ C:\Users\Tetrev\Downloads\singulair-5-junior-pil (1).pdf
2016-11-29 14:50 - 2016-11-29 14:50 - 00319912 _____ C:\Users\Tetrev\Downloads\singulair-5-junior-pil.pdf
2016-11-29 14:50 - 2016-11-29 14:50 - 00273173 _____ C:\Users\Tetrev\Downloads\singulair-5-junior-obal.pdf
2016-11-27 20:31 - 2016-11-27 20:31 - 06760064 _____ (ESET spol. s r.o.) C:\Users\Tetrev\Downloads\ESETOnlineScanner_CSY (2).exe
2016-11-27 17:18 - 2016-11-27 17:18 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-11-27 16:08 - 2016-11-27 16:08 - 06760064 _____ (ESET spol. s r.o.) C:\Users\Tetrev\Downloads\ESETOnlineScanner_CSY (1).exe
2016-11-27 14:40 - 2016-11-27 14:40 - 06760064 _____ (ESET spol. s r.o.) C:\Users\Tetrev\Downloads\ESETOnlineScanner_CSY.exe
2016-11-27 14:40 - 2016-11-27 14:40 - 00000000 ____D C:\Users\Tetrev\AppData\Local\ESET
2016-11-27 13:50 - 2016-11-27 13:50 - 00000000 ___HD C:\$WINDOWS.~BT
2016-11-23 16:23 - 2016-11-23 16:25 - 00527852 _____ C:\WINDOWS\Minidump\112316-22406-01.dmp
2016-11-22 08:00 - 2016-11-22 08:01 - 00529284 _____ C:\WINDOWS\Minidump\112216-21375-01.dmp
2016-11-21 19:03 - 2016-11-21 19:04 - 00535068 _____ C:\WINDOWS\Minidump\112116-21687-01.dmp
2016-11-21 16:02 - 2016-11-21 16:02 - 00533092 _____ C:\WINDOWS\Minidump\112116-20890-01.dmp
2016-11-20 19:54 - 2016-11-20 19:54 - 00530500 _____ C:\WINDOWS\Minidump\112016-20203-01.dmp
2016-11-19 20:21 - 2016-11-19 20:21 - 00536940 _____ C:\WINDOWS\Minidump\111916-19546-01.dmp
2016-11-19 17:54 - 2016-11-19 17:55 - 00536036 _____ C:\WINDOWS\Minidump\111916-20890-01.dmp
2016-11-18 18:56 - 2016-11-18 18:57 - 00525892 _____ C:\WINDOWS\Minidump\111816-21906-01.dmp
2016-11-18 14:52 - 2016-11-18 14:54 - 00535372 _____ C:\WINDOWS\Minidump\111816-19750-01.dmp
2016-11-17 19:19 - 2016-11-17 19:21 - 00526684 _____ C:\WINDOWS\Minidump\111716-19859-01.dmp
2016-11-17 16:32 - 2016-11-17 16:33 - 00527388 _____ C:\WINDOWS\Minidump\111716-19218-01.dmp
2016-11-17 14:46 - 2016-11-23 16:23 - 854701083 _____ C:\WINDOWS\MEMORY.DMP
2016-11-17 14:46 - 2016-11-23 16:23 - 00000000 ____D C:\WINDOWS\Minidump
2016-11-17 14:46 - 2016-11-17 14:46 - 00543708 _____ C:\WINDOWS\Minidump\111716-73500-01.dmp
2016-11-16 16:07 - 2016-11-16 16:07 - 00000000 ____D C:\Users\Tetrev\Desktop\Nová složka (3)
2016-11-09 18:15 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-11-09 18:15 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 18:15 - 2016-11-02 12:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 18:15 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-09 18:15 - 2016-11-02 12:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-11-09 18:15 - 2016-11-02 12:13 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 18:15 - 2016-11-02 12:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 18:15 - 2016-11-02 12:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-11-09 18:15 - 2016-11-02 12:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-09 18:15 - 2016-11-02 12:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 18:15 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 18:15 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 18:15 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 18:15 - 2016-11-02 12:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-11-09 18:15 - 2016-11-02 12:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-11-09 18:15 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 18:15 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 18:15 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 18:15 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 18:15 - 2016-11-02 12:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 18:15 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 18:15 - 2016-11-02 12:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 18:15 - 2016-11-02 12:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-11-09 18:15 - 2016-11-02 12:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-11-09 18:15 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 18:15 - 2016-11-02 12:01 - 00545936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 18:15 - 2016-11-02 12:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 18:15 - 2016-11-02 12:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 18:15 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-11-09 18:15 - 2016-11-02 11:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 18:15 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-11-09 18:15 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-11-09 18:15 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 18:15 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 18:15 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 18:15 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-11-09 18:15 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll
2016-11-09 18:15 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-11-09 18:15 - 2016-11-02 11:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-11-09 18:15 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 18:15 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 18:15 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-11-09 18:15 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 18:15 - 2016-11-02 11:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-11-09 18:15 - 2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 18:15 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 18:15 - 2016-11-02 11:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-09 18:15 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 18:15 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 18:15 - 2016-11-02 11:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-11-09 18:15 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 18:15 - 2016-11-02 11:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2016-11-09 18:15 - 2016-11-02 11:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2016-11-09 18:15 - 2016-11-02 11:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 18:15 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 18:15 - 2016-11-02 11:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 18:15 - 2016-11-02 11:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 18:15 - 2016-11-02 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2016-11-09 18:15 - 2016-11-02 11:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 18:15 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 18:15 - 2016-11-02 11:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 18:15 - 2016-11-02 11:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 18:15 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-09 18:15 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 18:15 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 18:15 - 2016-11-02 11:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 18:15 - 2016-11-02 11:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 18:15 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 18:15 - 2016-11-02 11:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-09 18:15 - 2016-11-02 11:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 18:15 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-09 18:15 - 2016-11-02 11:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 18:15 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-09 18:15 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 18:15 - 2016-11-02 11:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 18:15 - 2016-11-02 11:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 18:15 - 2016-11-02 11:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-09 18:15 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 18:15 - 2016-11-02 11:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 18:15 - 2016-11-02 11:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 18:15 - 2016-11-02 11:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 18:15 - 2016-11-02 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 18:15 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-09 18:15 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 18:15 - 2016-11-02 11:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 18:15 - 2016-11-02 11:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 18:15 - 2016-11-02 11:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-09 18:15 - 2016-11-02 11:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 18:15 - 2016-11-02 11:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 18:15 - 2016-11-02 11:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-09 18:15 - 2016-11-02 11:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 18:15 - 2016-11-02 11:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 18:15 - 2016-11-02 11:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 18:15 - 2016-11-02 11:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-09 18:15 - 2016-11-02 11:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 18:15 - 2016-11-02 11:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-09 18:15 - 2016-11-02 11:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 18:15 - 2016-11-02 11:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 18:15 - 2016-11-02 11:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 18:15 - 2016-11-02 11:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-09 18:15 - 2016-11-02 11:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-09 18:15 - 2016-11-02 11:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 18:15 - 2016-11-02 11:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 18:15 - 2016-11-02 11:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 18:15 - 2016-11-02 09:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 18:14 - 2016-11-02 12:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 18:14 - 2016-11-02 12:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 18:14 - 2016-11-02 12:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 18:14 - 2016-11-02 12:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 18:14 - 2016-11-02 12:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 18:14 - 2016-11-02 12:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-09 18:14 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-09 18:14 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-09 18:14 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 18:14 - 2016-11-02 12:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 18:14 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-09 18:14 - 2016-11-02 12:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 18:14 - 2016-11-02 12:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-09 18:14 - 2016-11-02 12:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-09 18:14 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-09 18:14 - 2016-11-02 12:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-09 18:14 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 18:14 - 2016-11-02 12:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 18:14 - 2016-11-02 12:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 18:14 - 2016-11-02 12:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 18:14 - 2016-11-02 12:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 18:14 - 2016-11-02 11:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-09 18:14 - 2016-11-02 11:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-09 18:14 - 2016-11-02 11:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 18:14 - 2016-11-02 11:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 18:14 - 2016-11-02 11:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 18:14 - 2016-11-02 11:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-09 18:14 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-09 18:14 - 2016-11-02 11:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 18:14 - 2016-11-02 11:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-09 18:14 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-09 18:14 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-09 18:14 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-09 18:14 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:14 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-09 18:14 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 18:14 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-09 18:14 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 18:14 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-09 18:14 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-09 18:14 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 18:14 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-09 18:14 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-09 18:14 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-09 18:14 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 18:14 - 2016-11-02 11:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 18:14 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 18:14 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 18:14 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 18:14 - 2016-11-02 11:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-09 18:14 - 2016-11-02 11:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 18:14 - 2016-11-02 11:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-09 18:14 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-09 18:14 - 2016-11-02 11:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-09 18:14 - 2016-11-02 11:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-09 18:14 - 2016-11-02 11:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 18:14 - 2016-11-02 11:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 18:14 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 18:14 - 2016-11-02 11:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-09 18:14 - 2016-11-02 11:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 18:14 - 2016-11-02 11:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-09 18:14 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-09 18:14 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 18:14 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 18:14 - 2016-11-02 11:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 18:14 - 2016-11-02 11:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-09 18:14 - 2016-11-02 11:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-09 18:14 - 2016-11-02 11:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 18:14 - 2016-11-02 11:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-09 18:14 - 2016-11-02 11:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 18:14 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 18:14 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 18:14 - 2016-11-02 11:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-09 18:14 - 2016-11-02 11:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-09 18:14 - 2016-11-02 11:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-09 18:14 - 2016-11-02 11:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 18:14 - 2016-11-02 11:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-09 18:14 - 2016-11-02 11:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 18:14 - 2016-11-02 11:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 18:14 - 2016-11-02 11:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-09 18:14 - 2016-11-02 11:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-09 18:14 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 18:14 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 18:14 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 18:14 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 18:14 - 2016-11-02 11:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 18:14 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 18:14 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 18:14 - 2016-11-02 11:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 18:14 - 2016-11-02 11:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-09 18:14 - 2016-11-02 11:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 18:14 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 18:14 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 18:14 - 2016-11-02 11:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-09 18:14 - 2016-11-02 11:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 18:14 - 2016-11-02 11:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-09 18:14 - 2016-11-02 11:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-09 18:14 - 2016-11-02 11:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 18:14 - 2016-11-02 11:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-09 18:14 - 2016-11-02 11:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 18:14 - 2016-11-02 11:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 18:14 - 2016-11-02 11:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 18:14 - 2016-11-02 11:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-09 18:14 - 2016-11-02 11:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 18:14 - 2016-11-02 11:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-09 18:14 - 2016-11-02 11:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 18:14 - 2016-11-02 11:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 18:14 - 2016-11-02 11:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-09 18:14 - 2016-11-02 11:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 18:14 - 2016-11-02 11:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 18:14 - 2016-11-02 11:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 18:14 - 2016-11-02 11:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 18:14 - 2016-11-02 11:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 18:14 - 2016-11-02 11:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 18:14 - 2016-11-02 11:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 18:14 - 2016-11-02 11:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 18:14 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 18:14 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-09 18:14 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-09 18:13 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 18:13 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-09 18:13 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 18:13 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 18:13 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-05 20:08 - 2016-11-05 20:08 - 00000056 _____ C:\Users\Tetrev\Desktop\Tetrev.url
2016-11-04 20:53 - 2016-11-29 20:58 - 00000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA1d236d52b31b68e.job
2016-11-04 20:53 - 2016-11-29 20:58 - 00000890 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core1d236d52b02a18d.job
2016-11-04 20:53 - 2016-11-29 09:27 - 00004092 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000UA1d236d52b31b68e
2016-11-04 20:53 - 2016-11-29 09:27 - 00003716 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3374175700-459317722-1100794181-1000Core1d236d52b02a18d

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-04 11:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-12-04 11:15 - 2015-11-17 21:00 - 00000000 ____D C:\Program Files\trend micro
2016-12-04 11:10 - 2016-09-24 03:04 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-12-03 19:38 - 2016-09-24 03:39 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2016-12-03 13:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-02 19:49 - 2016-09-24 03:12 - 00000000 ____D C:\Users\Tetrev
2016-12-02 09:31 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-01 19:44 - 2015-04-12 09:40 - 00000000 ___RD C:\Users\Tetrev\Dropbox
2016-12-01 19:44 - 2015-04-12 09:37 - 00000000 ____D C:\Users\Tetrev\AppData\Roaming\Dropbox
2016-11-30 12:43 - 2015-11-17 20:15 - 00000000 ____D C:\Users\Tetrev\AppData\Roaming\Seznam.cz
2016-11-30 12:37 - 2016-09-24 03:11 - 02508680 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-30 12:37 - 2016-07-16 23:25 - 00912216 _____ C:\WINDOWS\system32\perfh005.dat
2016-11-30 12:37 - 2016-07-16 23:25 - 00246402 _____ C:\WINDOWS\system32\perfc005.dat
2016-11-30 12:33 - 2016-09-24 03:07 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-30 12:32 - 2016-09-24 03:39 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-29 20:57 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-11-28 17:09 - 2015-04-12 19:57 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-27 19:46 - 2015-04-12 16:44 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-27 17:18 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-27 14:05 - 2016-09-24 03:40 - 00002564 _____ C:\WINDOWS\diagwrn.xml
2016-11-27 14:05 - 2016-09-24 03:40 - 00001908 _____ C:\WINDOWS\diagerr.xml
2016-11-27 11:16 - 2016-09-24 03:39 - 00004278 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-11-25 19:45 - 2016-09-24 03:39 - 00003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1428853559
2016-11-25 19:45 - 2015-04-12 16:46 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-11-25 13:45 - 2016-01-20 20:20 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-11-21 16:10 - 2015-08-18 08:52 - 00000000 ____D C:\Users\Tetrev\AppData\Local\Packages
2016-11-19 13:26 - 2015-04-27 19:55 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-19 13:26 - 2015-04-27 19:55 - 00002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-17 14:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-14 18:27 - 2015-09-03 20:39 - 00036808 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2016-11-14 18:24 - 2015-09-03 18:31 - 00000000 ____D C:\Users\Tetrev\Downloads\Gameforge Live
2016-11-12 09:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-11-10 19:52 - 2016-09-24 03:39 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-11-10 19:39 - 2015-08-18 08:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-10 19:34 - 2016-09-24 03:04 - 04963544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-09 20:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-09 20:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-09 20:11 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-09 20:10 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-09 20:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-09 20:10 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-09 18:32 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-09 18:27 - 2015-04-12 01:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 18:21 - 2015-04-12 01:10 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-09 18:20 - 2015-04-12 16:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-11-05 21:14 - 2009-07-14 03:34 - 00000478 _____ C:\WINDOWS\win.ini

==================== Files in the root of some directories =======

2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Tetrev\AppData\Roaming\7ak9Wsg6sWE5.exe
2016-01-12 20:09 - 2016-02-28 18:40 - 0000026 _____ () C:\Users\Tetrev\AppData\Local\isoworkshop.ini
2015-08-18 18:42 - 2015-08-18 18:42 - 0007658 _____ () C:\Users\Tetrev\AppData\Local\Resmon.ResmonCfg
2015-11-04 23:34 - 2016-01-12 20:05 - 0000126 ___SH () C:\ProgramData\.zreglib
2015-04-12 03:20 - 2015-04-12 03:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Tetrev\AppData\Local\Temp\b21d0eb2e98e63140f2b62e3b59f854c.dll
C:\Users\Tetrev\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\Tetrev\AppData\Local\Temp\libeay32.dll
C:\Users\Tetrev\AppData\Local\Temp\msvcr120.dll
C:\Users\Tetrev\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-11-28 12:24

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
U3 idsvc; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
C:\Users\Tetrev\AppData\Local\Temp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it stays inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

tetrevt
Visitor
Posts: 20
Joined: 25 Jul 2011 12:29

Re: infected PC

#9 Post by tetrevt »

Fix result of Farbar Recovery Scan Tool (x64) Version: 04-12-2016
Ran by Tetrev (04-12-2016 19:25:16) Run:1
Running from C:\Users\Tetrev\Desktop
Loaded Profiles: Tetrev (Available Profiles: Tetrev & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
U3 idsvc; no ImagePath
C:\WINDOWS\LastGood.Tmp
C:\WINDOWS\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
C:\Users\Tetrev\AppData\Local\Temp

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
idsvc => service removed successfully
C:\WINDOWS\LastGood.Tmp => moved successfully
Could not move "C:\WINDOWS\system32\ApnDatabase.xml" => Scheduled to move on reboot.
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Tetrev\AppData\Local\Temp" folder move:

Could not move "C:\Users\Tetrev\AppData\Local\Temp" => Scheduled to move on reboot.


=========== EmptyTemp: ==========

BITS transfer queue => 36515 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58777162 B
Java, Flash, Steam htmlcache => 770 B
Windows/system/drivers => 47965607 B
Edge => 1203463 B
Chrome => 830122015 B
Firefox => 0 B
Opera => 18794697 B

Temp, IE cache, history, cookies, recent:
Default => 42652 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 53794 B
NetworkService => 0 B
Tetrev => 334256114 B
DefaultAppPool => 24354 B

RecycleBin => 1501987 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-12-2016 19:32:40)

C:\WINDOWS\system32\ApnDatabase.xml => Is moved successfully
C:\Users\Tetrev\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:32:41 ====

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#10 Post by Rudy »

Deleted. Is it clean now, or is the AV still reporting something?

tetrevt
Visitor
Posts: 20
Joined: 25 Jul 2011 12:29

Re: infected PC

#11 Post by tetrevt »

Avast isn't reporting anything, but the ESET online scanner freezes during scanning.

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#12 Post by Rudy »

Do you know on which item?

tetrevt
Visitor
Posts: 20
Joined: 25 Jul 2011 12:29

Re: infected PC

#13 Post by tetrevt »

Unfortunately, the whole window goes black and nothing can be seen in it. It only says that it has found 20 infected files so far.

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#14 Post by Rudy »

OK. Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.

tetrevt
Visitor
Posts: 20
Joined: 25 Jul 2011 12:29

Re: infected PC

#15 Post by tetrevt »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 7.12.2016
Čas skenování: 18:55
Protokol:
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.12.07.09
Databáze rootkitů: v2016.11.20.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Tetrev

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 345679
Uplynulý čas: 5 min, 46 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 11
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [e1a48361a2f814222c07cc8e857de41c],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}, , [256053916f2bf6401b1ab3a7f111ac54],
PUP.Optional.GlobalUpdate, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [aadbf7ed465484b2dd60fc5ed2306e92],
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV09.11-nv, , [cabb9c484c4e72c453f2f335d62d9070],
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV09.11-nv-edge, , [c2c3faeae8b269cd88bd63c57093ba46],
PUP.Optional.Cinema, HKLM\SOFTWARE\WOW6432NODE\CinemaP-1.9cV09.11-nv-ie, , [87fefee6fe9c45f1da6bd4542ed540c0],
PUP.Optional.Cinema, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV09.11-nv, , [681d756f47536accf44b40e82cd73ac6],
PUP.Optional.Cinema, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV09.11-nv-ie, , [4d38c51f2e6cc96d370866c24cb7f010],
PUP.Optional.Cinema, HKU\S-1-5-21-3374175700-459317722-1100794181-1000\SOFTWARE\CinemaP-1.9cV09.11-nv, , [72139d47afeb4aecd86700285da601ff],
PUP.Optional.Cinema, HKU\S-1-5-21-3374175700-459317722-1100794181-1000\SOFTWARE\CinemaP-1.9cV09.11-nv-edge, , [cdb88064f2a887afd36cc860f70c47b9],
PUP.Optional.Cinema, HKU\S-1-5-21-3374175700-459317722-1100794181-1000\SOFTWARE\CinemaP-1.9cV09.11-nv-ie, , [a9dcd014a1f9cb6b053a65c346bdfd03],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 12
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\userCode, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\icons, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\icons\actions, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\api, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\popupResource, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi, , [0f7673711585a19532772e54bb47f10f],

Soubory: 101
PUP.Optional.OpenCandy, C:\Users\Tetrev\Downloads\cdbxp_setup_4.5.6.5931.exe, , [3c499252c7d349ed67c7c569b44e5da3],
PUP.Optional.Amonetize, C:\Users\Tetrev\Downloads\File__16450_i1746621677_il85.ace, , [03827173e8b2be7873dbe414956ba858],
PUP.Optional.Amonetize, C:\Users\Tetrev\Downloads\File__16450_i1746631724_il85.ace, , [1b6a01e37d1df541044add1bff013ec2],
HackTool.WpaKill, C:\Users\Tetrev\Downloads\Windows-7-Activator.rar, , [7015db09ff9b201671d556f60100768a],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\7ak9Wsg6sWE5.exe, , [88fde2022a7087af70bc2d45df22da26],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\background.html, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\chromeCoreFilesIndex.txt, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\manifest.json, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\popup.html, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\Settings.json, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\manifest.xml, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins.json, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\273.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\102.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\104.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\119.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\13.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\14.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\17.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\178.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\179.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\180.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\184.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\19.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\195.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\200.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\220.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\223.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\231.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\232.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\234.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\246.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\252.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\253.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\262.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\263.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\281.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\288.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\311.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\335.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\339.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\345.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\354.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\356.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\376.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\379.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\380.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\385.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\390.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\391.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\4.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\419.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\424.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\47.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\64.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\7.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\78.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\80.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\9.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\91.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\plugins\97.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\userCode\background.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\extensionData\userCode\extension.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\icons\icon128.png, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\icons\icon16.png, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\icons\icon48.png, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\icons\actions\1.png, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\746bdf5e8fc4b4f77d3a19a37cc88ffa.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\80d606d74489ecc0a37247b45fc453db.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\main.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\api\51a2ecbd8502393959fa5c20bf2ca092.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\api\59f8ce7294a2ddd751fffda071360b24.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\api\66e70e70e92a9a66b4304d6218b2b049.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\api\8b00b5a2a5e3166050151a41e9fab308.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\api\94e2449e0db5386ad61064c121022155.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\api\pageAction.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\10478954099fcc22aa900a38760a7fd9.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\1a0b7f9afdb2ec749db194e05b8aa2b0.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\1c1e49e603a7fbe4f2e8a4ca8a7e68e3.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\3209185a0bd1d1d6fab9b83730e2b564.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\349286324a4d9623739759f60ab3e967.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\490e0215f9966e6062deedf850d15ac8.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\77d5b8dcccd0d16884a6c9292ce6f677.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\850b6e40d90d2c7e8384e9638ce922a6.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\app_api.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\bad0521cd2d417931d6d2405cd2ae3e3.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\c5e1fc6ea6f2f0eb4e24b4acfc1f37d8.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\c712f22bc0995cab07cb5ccb4f9c8ce3.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\ca5f69021b2fc5ec40fa4650c0654205.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\ebb33da5dd9994c9fc143ffe73b21458.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\f164f8a98e1aa084b95bccf6af57f704.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\installer.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\popupResource\newPopup.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi\1.26.114_0\js\lib\popupResource\popup.js, , [10751cc86733be78dccb3052877b7b85],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi\000004.log, , [0f7673711585a19532772e54bb47f10f],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi\000005.ldb, , [0f7673711585a19532772e54bb47f10f],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi\CURRENT, , [0f7673711585a19532772e54bb47f10f],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi\LOCK, , [0f7673711585a19532772e54bb47f10f],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi\LOG, , [0f7673711585a19532772e54bb47f10f],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi\LOG.old, , [0f7673711585a19532772e54bb47f10f],
PUP.Optional.CrossRider, C:\Users\Tetrev\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi\MANIFEST-000001, , [0f7673711585a19532772e54bb47f10f],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Locked