Recently, more precisely since 2.8., MSE started showing a message in the bottom-right corner saying "no action is needed", so I looked in the history and noticed the files IE.exe and IEcache.exe, which are located in the Windows folder - it flagged them as a Trojan and immediately quarantined them. So I did not pay much attention to it, but since then the file has been sent to quarantine again every day. Both of these files were also being launched at startup, so I tried an MBAM scan, which reported several threats (I am attaching the scan report). There I noticed the description BitcoinMiner, so I went ahead and removed them as MBAM offered. After the restart MSE no longer moved the files to quarantine, but after the next startup it popped up again. Since then only iecache.exe gets moved to quarantine, but IE.exe reappears after a restart even after being removed from the Windows folder; when I scan, MBAM flags it as a trojan and deletes it, but after a restart the file is there again. VirusTotal shows no threat (I am attaching the link). Aware of all the risks, I tried ComboFix, but it did not flag these files as a threat, only something else, so I let the whole process finish according to the utility's instructions. AdwCleaner found nothing, not even on repeated runs. I am worried that some remnants are still there, and I have read that it can steal personal data, so I am turning to you professionals with a request for help. I am attaching the RSIT log for review. In the past I have been asked about my Windows version; I have it as an OEM version from an IT teacher, in case there are any discrepancies.
VirusTotal result:
https://www.virustotal.com/#/file/1ed0b0b101e00d46641ed0b04752ecd78e4342d7107257110b79e44c0ea1f1a7/detection
RSIT log:
Malwarebytes
http://www.malwarebytes.com
-Podrobnosti denníka-
Dátum skenovania: 11.08.18
Čas skenovania: 14:31
Súbor denníka: 681b61ea-9d62-11e8-ba93-0250f2000001.json
Správca: Áno
-Údaje o softvéri-
Verzia: 3.5.1.2522
Verzia súčastí: 1.0.365
Aktualizovať verziu balíka: 1.0.6299
Licencia: Zadarmo
-Systémové informácie-
OS: Windows 7 Service Pack 1
Procesor: x64
Systém súborov: NTFS
Používateľ: Maroš-PC\Maros
-Zhrnutie skenovania-
Typ skenovania: Vyhľadávanie hrozieb
Skenovanie bolo spustené: Manuálne
Výsledok: Dokončené
Preskenované objekty: 306803
Zistené hrozby: 22
Hrozby umiestnené do karantény: 17
Uplynulý čas: 23 min, 38 s
-Možnosti skenovania-
Pamäť: Povolené
Spúšťanie: Povolené
Systém súborov: Povolené
Archívy: Povolené
Rootkity: Zakázané
Heuristika: Povolené
PUP: Zistiť
PUM: Zistiť
-Podrobnosti skenovania-
Proces: 2
RiskWare.BitCoinMiner, C:\WINDOWS\IECACHE.EXE, Umiestené do karantény, [930], [549074],1.0.6299
RiskWare.BitCoinMiner, C:\WINDOWS\IECACHE.EXE, Umiestené do karantény, [930], [549074],1.0.6299
Modul: 2
RiskWare.BitCoinMiner, C:\WINDOWS\IECACHE.EXE, Umiestené do karantény, [930], [549074],1.0.6299
RiskWare.BitCoinMiner, C:\WINDOWS\IECACHE.EXE, Umiestené do karantény, [930], [549074],1.0.6299
Kľúč databázy Registry: 6
CrackTool.Agent.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AutoKMS, Umiestené do karantény, [7934], [89405],1.0.6299
CrackTool.Agent.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3738088-A760-4CA4-A3AE-C15832995EE6}, Umiestené do karantény, [7934], [89405],1.0.6299
CrackTool.Agent.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\BOOT\{C3738088-A760-4CA4-A3AE-C15832995EE6}, Umiestené do karantény, [7934], [89405],1.0.6299
CrackTool.Agent.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\AutoKMSDaily, Umiestené do karantény, [7934], [89405],1.0.6299
CrackTool.Agent.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{1166C31E-C980-4CFD-B679-4125E910E493}, Umiestené do karantény, [7934], [89405],1.0.6299
CrackTool.Agent.Keygen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\PLAIN\{1166C31E-C980-4CFD-B679-4125E910E493}, Umiestené do karantény, [7934], [89405],1.0.6299
Hodnota databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Údaje databázy Registry: 0
(Nezistili sa nijaké škodlivé položky)
Prúd údajov: 0
(Nezistili sa nijaké škodlivé položky)
Priečinok: 0
(Nezistili sa nijaké škodlivé položky)
Súbor: 12
Trojan.Downloader, C:\WINDOWS\IE.EXE, Umiestené do karantény, [857], [207247],1.0.6299
RiskWare.BitCoinMiner, C:\WINDOWS\IECACHE.EXE, Umiestené do karantény, [930], [549074],1.0.6299
CrackTool.Agent.Keygen, C:\WINDOWS\SYSTEM32\TASKS\AutoKMS, Umiestené do karantény, [7934], [89405],1.0.6299
CrackTool.Agent.Keygen, C:\WINDOWS\SYSTEM32\TASKS\AutoKMSDaily, Umiestené do karantény, [7934], [89405],1.0.6299
CrackTool.Agent.Keygen, C:\WINDOWS\AUTOKMS.EXE, Umiestené do karantény, [7934], [89405],1.0.6299
PUP.Optional.OpenCandy, C:\USERS\MAROS\APPDATA\ROAMING\UTORRENT\UPDATES\3.4.2_37754.EXE, Bez zásahu používateľa, [1043], [431539],1.0.6299
PUP.Optional.OpenCandy, C:\USERS\MAROS\APPDATA\ROAMING\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk, Bez zásahu používateľa, [1043], [431539],1.0.6299
PUP.Optional.OpenCandy, C:\USERS\MAROS\APPDATA\ROAMING\Microsoft\Windows\Start Menu\µTorrent.lnk, Bez zásahu používateľa, [1043], [431539],1.0.6299
PUP.Optional.OpenCandy, C:\USERS\MAROS\DESKTOP\Programy\µTorrent.lnk, Bez zásahu používateľa, [1043], [431539],1.0.6299
PUP.Optional.OpenCandy, C:\USERS\MAROS\APPDATA\ROAMING\UTORRENT\UTORRENT.EXE, Bez zásahu používateľa, [1043], [431539],1.0.6299
Generic.Malware/Suspicious, C:\PROGRAM FILES (X86)\ICECREAM PDF SPLIT AND MERGE\URET NFO V2.2.EXE, Umiestené do karantény, [0], [392686],1.0.6299
RiskWare.Tool.CK, C:\WINDOWS\KMSEMULATOR.EXE, Umiestené do karantény, [5807], [137642],1.0.6299
Fyzický sektor: 0
(Nezistili sa nijaké škodlivé položky)
WMI: 0
(Nezistili sa nijaké škodlivé položky)
(end)
Logfile of random's system information tool 1.10 (written by random/random)
Run by Maros at 2018-08-16 14:31:08
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 17 GB (17%) free of 100 GB
Total RAM: 3932 MB (25% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:31:31, on 16. 8. 2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\SearchIndexer.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\trend micro\Maros.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - Startup: Firemin.lnk = C:\Program Files\Rizonesoft\Firemin\Firemin.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Software Protection (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Windows Indexer - Unknown owner - C:\Windows\SearchIndexer.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player - služba zdieľania v sieti (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10861 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE" "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe"
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe
C:\Windows\system32\WLANExt.exe 29804928
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
\??\C:\Windows\system32\conhost.exe "-1975403492-757072541106859599516606699201863462429-1774105150-883640612-542033430
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {69B49AF6-61BD-469E-BA1D-982210D11E5C}
taskeng.exe {4CA4E2AA-818E-43B7-83A9-D0DC5F17A493}
taskeng.exe {32E06593-B8F7-4EFE-A175-E5DA7123E63E}
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe "-215303930-638678950-1384432550-1792538241-1022331146379152573707879783433689037
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\SearchIndexer.exe
c1 c2 c3 c4 c5 c6 c7 c8
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe "
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer13_Logfile.log
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe"
C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe --type=crashpad-handler --user-data-dir=C:\Users\Maros\AppData\Roaming\brave /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Maros\AppData\Roaming\brave\Crashpad --metrics-dir=C:\Users\Maros\AppData\Roaming\brave --url=https://laptop-updates.brave.com/1/crashes --annotation=plat=Win64 --annotation=prod=Brave --annotation=ver=0.23.79-devel --initial-client-data=0x124,0x128,0x12c,0x11c,0x130,0x7fee67b14d0,0x7fee67b14e0,0x7fee67b14f0
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=gpu-process --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=95F93557D51C39144A5AAE7E4F81018F --mojo-platform-channel-handle=1136 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --disable-databases --service-pipe-token=2F7EE098A3F5DD407171F1F421CAE858 --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=2F7EE098A3F5DD407171F1F421CAE858 --renderer-client-id=5 --mojo-platform-channel-handle=2412 /prefetch:1
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --service-pipe-token=4333D2441952F1F7F245E58AB42B5B6E --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --extension-process --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\system32\Macromed\Flash\pepflashplayer64_30_0_0_154.dll" --ppapi-flash-version=30.0.0.154 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=4333D2441952F1F7F245E58AB42B5B6E --renderer-client-id=7 --mojo-platform-channel-handle=2688 /prefetch:1
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --disable-databases --service-pipe-token=EDB9455BE9993BBF7B7B8B94BAB57D9C --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --extension-process --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\system32\Macromed\Flash\pepflashplayer64_30_0_0_154.dll" --ppapi-flash-version=30.0.0.154 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=EDB9455BE9993BBF7B7B8B94BAB57D9C --renderer-client-id=8 --mojo-platform-channel-handle=3344 /prefetch:1
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --service-pipe-token=01332D88DFD5B95FAB2D3A80C994DB3C --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --extension-process --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\system32\Macromed\Flash\pepflashplayer64_30_0_0_154.dll" --ppapi-flash-version=30.0.0.154 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=01332D88DFD5B95FAB2D3A80C994DB3C --renderer-client-id=9 --mojo-platform-channel-handle=3372 /prefetch:1
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --service-pipe-token=E869A80DA60C72EDC0B6E2C2DD7DEDAD --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --extension-process --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\system32\Macromed\Flash\pepflashplayer64_30_0_0_154.dll" --ppapi-flash-version=30.0.0.154 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=E869A80DA60C72EDC0B6E2C2DD7DEDAD --renderer-client-id=10 --mojo-platform-channel-handle=3380 /prefetch:1
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --service-pipe-token=DDE8E0A9DB8D22075EE333FF4866DBA3 --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --extension-process --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\system32\Macromed\Flash\pepflashplayer64_30_0_0_154.dll" --ppapi-flash-version=30.0.0.154 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=DDE8E0A9DB8D22075EE333FF4866DBA3 --renderer-client-id=11 --mojo-platform-channel-handle=3388 /prefetch:1
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --disable-databases --service-pipe-token=7BEEB3527B079EB4E3C44DA17C3B573F --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --extension-process --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\system32\Macromed\Flash\pepflashplayer64_30_0_0_154.dll" --ppapi-flash-version=30.0.0.154 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=7BEEB3527B079EB4E3C44DA17C3B573F --renderer-client-id=12 --mojo-platform-channel-handle=3396 /prefetch:1
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --service-pipe-token=1201A7010BC31AE0AEEFFA2E604C7AB5 --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\system32\Macromed\Flash\pepflashplayer64_30_0_0_154.dll" --ppapi-flash-version=30.0.0.154 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=1201A7010BC31AE0AEEFFA2E604C7AB5 --renderer-client-id=14 --mojo-platform-channel-handle=5300 /prefetch:1
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "185826049612039889402705885661894291061-405857226827224810-559188110-1156198418
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:OIELif8l+0Sactal.1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Users\Maros\AppData\Local\Brave\app-0.23.79\Brave.exe" --type=renderer --enable-features=fill-on-account-select --disable-features=GuestViewCrossProcessFrames,PreferHtmlOverPlugins,TouchpadAndWheelScrollLatching,Ukm,UnifiedAutoplay --service-pipe-token=FEF40748DF6EEE28C5E6A4FA07610D1E --lang=cs --app-user-model-id=com.squirrel.brave.Brave --muon-app-version=0.23.79 --muon-app-channel=dev --disable-client-side-phishing-detection --ppapi-flash-path="C:\Windows\system32\Macromed\Flash\pepflashplayer64_30_0_0_154.dll" --ppapi-flash-version=30.0.0.154 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=FEF40748DF6EEE28C5E6A4FA07610D1E --renderer-client-id=20 --mojo-platform-channel-handle=6568 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Maros\Desktop\RSITx64.exe"
=========Mozilla firefox=========
ProfilePath - C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\hl2w7qdc.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.sk"
"web2pdfextension.17@acrobat.adobe.com"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=13.0.1]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=13.0.1.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Users\Maros\AppData\Roaming\Mozilla\Firefox\Profiles\hl2w7qdc.default\extensions\
trash
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-07-03 265672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28 140512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28 140512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-03-28 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-03-28 140512]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"=C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [2012-12-07 7138816]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-10-05 2873744]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2015-06-04 173672]
"Persistence"=C:\Windows\system32\igfxpers.exe [2015-06-04 444008]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2017-05-26 16781824]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-05-26 1483264]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1353680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2017-11-01 3500056]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27 1171480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-03-27 2404952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01 508128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeGCInvoker-1.0]
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11 316392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
C:\Program Files (x86)\BlueStacks\HD-Agent.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2018-06-24 18385368]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot]
C:\Program Files (x86)\Connectify\Connectify.exe autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2018-01-30 3031232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2018-01-30 5263040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Maroš\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Deskjet 3520 series (NET)]
C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-02-29 56088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyPublicWiFi]
C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-26 653728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files (x86)\uTorrent\uTorrent.exe /MINIMIZED []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WiFiShare]
C:\Program Files (x86)\Wi-Fi\Wi-Fi.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2016-10-08 2137744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\流量宝]
C:\Users\Maroš\AppData\Roaming\Liuliangbao\Á÷Áż°ć.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PrivateTunnel.lnk]
C:\PROGRA~2\OPENVP~1\PRIVAT~1\PRIVAT~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Vypress Chat StartUp.lnk]
C:\Windows\Installer\{EEBD06D3-FED8-47D4-9E3B-9FAE43CD24B5}\iconVCAdvertised.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Maroš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.9u4.lnk]
C:\Users\MARO~1\Desktop\Programy\FREERA~1.9U4\FREERA~1.9U4\frd.exe -m []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Maroš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KairosPlanet.lnk]
C:\PROGRA~2\KAIROS~1\KAIROS~1.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Maroš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3520 series (Network).lnk]
C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll [2012-10-17 5699176]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Maroš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3520 series.lnk]
C:\Program Files\HP\HP Deskjet 3520 series\bin\HPStatusBL.dll [2012-10-17 5699176]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-02-27 291608]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Users\Maros\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Firemin.lnk - C:\Program Files\Rizonesoft\Firemin\Firemin.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2015-05-26 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=145
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.X264"=x264vfw64.dll
"VIDC.HFYU"=huffyuv.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2018-08-16 14:31:08 ----D---- C:\rsit
2018-08-16 14:31:08 ----D---- C:\Program Files\trend micro
2018-08-15 17:42:56 ----A---- C:\Windows\IE.exe
2018-08-15 16:19:45 ----A---- C:\ComboFix.txt
2018-08-15 16:11:49 ----SHD---- C:\$RECYCLE.BIN
2018-08-15 15:56:28 ----A---- C:\Windows\system32\mshtml.dll
2018-08-15 15:56:28 ----A---- C:\Windows\system32\cscsvc.dll
2018-08-15 15:56:28 ----A---- C:\Windows\system32\cscdll.dll
2018-08-15 15:56:28 ----A---- C:\Windows\system32\cscapi.dll
2018-08-15 15:56:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-08-15 15:56:24 ----A---- C:\Windows\system32\ieframe.dll
2018-08-15 15:56:22 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-08-15 15:56:21 ----A---- C:\Windows\system32\jscript9.dll
2018-08-15 15:56:20 ----A---- C:\Windows\system32\wininet.dll
2018-08-15 15:56:19 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-08-15 15:56:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-08-15 15:56:19 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-08-15 15:56:19 ----A---- C:\Windows\system32\drivers\processr.sys
2018-08-15 15:56:19 ----A---- C:\Windows\system32\drivers\intelppm.sys
2018-08-15 15:56:19 ----A---- C:\Windows\system32\drivers\csc.sys
2018-08-15 15:56:19 ----A---- C:\Windows\system32\drivers\amdppm.sys
2018-08-15 15:56:19 ----A---- C:\Windows\system32\drivers\amdk8.sys
2018-08-15 15:56:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-08-15 15:56:18 ----A---- C:\Windows\system32\urlmon.dll
2018-08-15 15:56:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-08-15 15:56:17 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-08-15 15:56:17 ----A---- C:\Windows\system32\win32k.sys
2018-08-15 15:56:17 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-15 15:56:16 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-08-15 15:56:16 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-08-15 15:56:16 ----A---- C:\Windows\system32\iertutil.dll
2018-08-15 15:56:15 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2018-08-15 15:56:15 ----A---- C:\Windows\system32\msi.dll
2018-08-15 15:56:15 ----A---- C:\Windows\system32\mf3216.dll
2018-08-15 15:56:13 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-08-15 15:56:13 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-08-15 15:56:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-08-15 15:56:13 ----A---- C:\Windows\system32\vbscript.dll
2018-08-15 15:56:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-15 15:56:13 ----A---- C:\Windows\system32\jscript.dll
2018-08-15 15:56:13 ----A---- C:\Windows\system32\CscMig.dll
2018-08-15 15:56:12 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-08-15 15:56:12 ----A---- C:\Windows\system32\msfeeds.dll
2018-08-15 15:56:12 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-08-15 15:56:11 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2018-08-15 15:56:11 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-08-15 15:56:11 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2018-08-15 15:56:11 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2018-08-15 15:56:11 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-08-15 15:56:11 ----A---- C:\Windows\system32\msiexec.exe
2018-08-15 15:56:10 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-08-15 15:56:10 ----A---- C:\Windows\system32\ntdll.dll
2018-08-15 15:56:10 ----A---- C:\Windows\system32\iedkcs32.dll
2018-08-15 15:56:10 ----A---- C:\Windows\system32\hal.dll
2018-08-15 15:56:10 ----A---- C:\Windows\system32\fontsub.dll
2018-08-15 15:56:09 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2018-08-15 15:56:09 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2018-08-15 15:56:09 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-08-15 15:56:09 ----A---- C:\Windows\system32\t2embed.dll
2018-08-15 15:56:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-08-15 15:56:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-08-15 15:56:08 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-08-15 15:56:08 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2018-08-15 15:56:08 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-08-15 15:56:08 ----A---- C:\Windows\system32\hlink.dll
2018-08-15 15:56:08 ----A---- C:\Windows\system32\drivers\netio.sys
2018-08-15 15:56:08 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2018-08-15 15:56:08 ----A---- C:\Windows\system32\consent.exe
2018-08-15 15:56:07 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-08-15 15:56:07 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2018-08-15 15:56:07 ----A---- C:\Windows\SYSWOW64\hlink.dll
2018-08-15 15:56:07 ----A---- C:\Windows\system32\msimg32.dll
2018-08-15 15:56:07 ----A---- C:\Windows\system32\ieapfltr.dll
2018-08-15 15:56:07 ----A---- C:\Windows\system32\ie4uinit.exe
2018-08-15 15:56:07 ----A---- C:\Windows\system32\atmfd.dll
2018-08-15 15:56:06 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-08-15 15:56:06 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-08-15 15:56:06 ----A---- C:\Windows\system32\webcheck.dll
2018-08-15 15:56:06 ----A---- C:\Windows\system32\rpcrt4.dll
2018-08-15 15:56:06 ----A---- C:\Windows\system32\jscript9diag.dll
2018-08-15 15:56:06 ----A---- C:\Windows\system32\conhost.exe
2018-08-15 15:56:06 ----A---- C:\Windows\system32\certcli.dll
2018-08-15 15:56:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-08-15 15:56:05 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-08-15 15:56:05 ----A---- C:\Windows\system32\schannel.dll
2018-08-15 15:56:05 ----A---- C:\Windows\system32\rstrui.exe
2018-08-15 15:56:05 ----A---- C:\Windows\system32\lsasrv.dll
2018-08-15 15:56:05 ----A---- C:\Windows\system32\kernel32.dll
2018-08-15 15:56:05 ----A---- C:\Windows\system32\kerberos.dll
2018-08-15 15:56:05 ----A---- C:\Windows\system32\advapi32.dll
2018-08-15 15:56:04 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-08-15 15:56:04 ----A---- C:\Windows\system32\winsrv.dll
2018-08-15 15:56:04 ----A---- C:\Windows\system32\wdigest.dll
2018-08-15 15:56:04 ----A---- C:\Windows\system32\TSpkg.dll
2018-08-15 15:56:04 ----A---- C:\Windows\system32\srcore.dll
2018-08-15 15:56:04 ----A---- C:\Windows\system32\smss.exe
2018-08-15 15:56:04 ----A---- C:\Windows\system32\msv1_0.dll
2018-08-15 15:56:03 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-08-15 15:56:03 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-08-15 15:56:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-08-15 15:56:03 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-08-15 15:56:03 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-08-15 15:56:03 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-08-15 15:56:03 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-08-15 15:56:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-08-15 15:56:03 ----A---- C:\Windows\system32\rpchttp.dll
2018-08-15 15:56:03 ----A---- C:\Windows\system32\ncrypt.dll
2018-08-15 15:56:03 ----A---- C:\Windows\system32\KernelBase.dll
2018-08-15 15:56:03 ----A---- C:\Windows\system32\inseng.dll
2018-08-15 15:56:03 ----A---- C:\Windows\system32\csrsrv.dll
2018-08-15 15:56:03 ----A---- C:\Windows\system32\auditpol.exe
2018-08-15 15:56:02 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-08-15 15:56:02 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-08-15 15:56:02 ----A---- C:\Windows\system32\appidapi.dll
2018-08-15 15:56:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-08-15 15:56:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-08-15 15:56:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-08-15 15:56:01 ----A---- C:\Windows\system32\wow64win.dll
2018-08-15 15:56:01 ----A---- C:\Windows\system32\sspicli.dll
2018-08-15 15:56:01 ----A---- C:\Windows\system32\ntvdm64.dll
2018-08-15 15:56:01 ----A---- C:\Windows\system32\ieui.dll
2018-08-15 15:56:01 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-08-15 15:56:01 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-08-15 15:56:01 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-08-15 15:56:01 ----A---- C:\Windows\system32\bcrypt.dll
2018-08-15 15:56:01 ----A---- C:\Windows\system32\appidsvc.dll
2018-08-15 15:56:00 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\wow64cpu.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\wow64.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\sspisrv.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\srclient.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\secur32.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\lsass.exe
2018-08-15 15:56:00 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-08-15 15:56:00 ----A---- C:\Windows\system32\drivers\appid.sys
2018-08-15 15:56:00 ----A---- C:\Windows\system32\cryptbase.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\credssp.dll
2018-08-15 15:56:00 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-08-15 15:55:59 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-08-15 15:55:59 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-08-15 15:55:59 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-08-15 15:55:59 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-08-15 15:55:59 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-08-15 15:55:59 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-08-15 15:55:59 ----A---- C:\Windows\system32\authui.dll
2018-08-15 15:55:59 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-08-15 15:55:59 ----A---- C:\Windows\system32\apisetschema.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 15:55:58 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 15:55:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-15 15:55:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-15 15:55:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-15 15:55:57 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-08-15 15:55:57 ----A---- C:\Windows\system32\mshtmled.dll
2018-08-15 15:55:57 ----A---- C:\Windows\system32\dxtrans.dll
2018-08-15 15:55:57 ----A---- C:\Windows\system32\dxtmsft.dll
2018-08-15 15:55:56 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-08-15 15:55:56 ----A---- C:\Windows\system32\msrating.dll
2018-08-15 15:55:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 15:55:55 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-15 15:55:55 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 15:55:55 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-15 15:55:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-08-15 15:55:55 ----A---- C:\Windows\system32\occache.dll
2018-08-15 15:55:55 ----A---- C:\Windows\system32\msihnd.dll
2018-08-15 15:55:55 ----A---- C:\Windows\system32\jsproxy.dll
2018-08-15 15:55:54 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-08-15 15:55:54 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-08-15 15:55:54 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2018-08-15 15:55:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-08-15 15:55:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-08-15 15:55:54 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-08-15 15:55:54 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-08-15 15:55:54 ----A---- C:\Windows\system32\ieUnatt.exe
2018-08-15 15:55:54 ----A---- C:\Windows\system32\appinfo.dll
2018-08-15 15:55:53 ----A---- C:\Windows\SYSWOW64\user.exe
2018-08-15 15:55:53 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-08-15 15:55:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-08-15 15:55:53 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-08-15 15:55:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-08-15 15:55:53 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-08-15 15:55:53 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-08-15 15:55:53 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-08-15 15:55:53 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-15 15:55:53 ----A---- C:\Windows\system32\iesetup.dll
2018-08-15 15:55:53 ----A---- C:\Windows\system32\iernonce.dll
2018-08-15 15:55:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-08-15 15:55:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-08-15 15:55:53 ----A---- C:\Windows\system32\adtschema.dll
2018-08-15 15:55:52 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-08-15 15:55:52 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-08-15 15:55:52 ----A---- C:\Windows\SYSWOW64\lpk.dll
2018-08-15 15:55:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-08-15 15:55:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-08-15 15:55:52 ----A---- C:\Windows\system32\msobjs.dll
2018-08-15 15:55:52 ----A---- C:\Windows\system32\msaudite.dll
2018-08-15 15:55:52 ----A---- C:\Windows\system32\lpk.dll
2018-08-15 15:55:52 ----A---- C:\Windows\system32\dciman32.dll
2018-08-15 15:55:51 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2018-08-15 15:55:51 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2018-08-15 15:55:51 ----A---- C:\Windows\system32\atmlib.dll
2018-08-15 15:55:50 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-08-15 15:55:50 ----A---- C:\Windows\system32\tzres.dll
2018-08-15 15:55:47 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2018-08-15 15:55:47 ----A---- C:\Windows\system32\msimsg.dll
2018-08-15 15:55:47 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-08-15 15:49:29 ----A---- C:\Windows\zip.exe
2018-08-15 15:49:29 ----A---- C:\Windows\SWSC.exe
2018-08-15 15:49:29 ----A---- C:\Windows\SWREG.exe
2018-08-15 15:49:29 ----A---- C:\Windows\sed.exe
2018-08-15 15:49:29 ----A---- C:\Windows\PEV.exe
2018-08-15 15:49:29 ----A---- C:\Windows\NIRCMD.exe
2018-08-15 15:49:29 ----A---- C:\Windows\MBR.exe
2018-08-15 15:49:29 ----A---- C:\Windows\grep.exe
2018-08-15 15:48:16 ----D---- C:\Qoobox
2018-08-15 15:47:01 ----D---- C:\Windows\erdnt
2018-08-15 14:44:51 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2018-08-15 14:30:23 ----A---- C:\Windows\ntbtlog.txt
2018-08-08 20:26:24 ----A---- C:\Windows\SYSWOW64\proc.txt
2018-08-01 21:24:50 ----D---- C:\Program Files (x86)\Microsoft
2018-08-01 17:22:39 ----D---- C:\Users\Maros\AppData\Roaming\Sun
2018-07-20 15:47:02 ----A---- C:\Windows\system32\shell32.dll
2018-07-20 15:47:01 ----A---- C:\Windows\SYSWOW64\shell32.dll
2018-07-20 15:47:01 ----A---- C:\Windows\system32\ucrtbase.dll
2018-07-20 15:47:00 ----A---- C:\Windows\system32\ExplorerFrame.dll
2018-07-20 15:46:59 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2018-07-20 15:46:58 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2018-07-20 15:46:57 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-07-20 15:46:57 ----A---- C:\Windows\system32\zipfldr.dll
2018-07-20 15:46:57 ----A---- C:\Windows\system32\wkssvc.dll
2018-07-20 15:46:57 ----A---- C:\Windows\system32\drivers\usbport.sys
2018-07-20 15:46:57 ----A---- C:\Windows\system32\drivers\dfsc.sys
2018-07-20 15:46:57 ----A---- C:\Windows\system32\dnsapi.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\dnsrslvr.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2018-07-20 15:46:54 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2018-07-20 15:46:53 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-20 15:46:53 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-20 15:46:53 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-20 15:46:53 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-20 15:46:53 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2018-07-20 15:46:53 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2018-07-20 15:46:53 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2018-07-20 15:46:51 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-20 15:46:51 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-20 15:46:51 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-20 15:46:49 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2018-07-20 15:46:49 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2018-07-20 15:46:49 ----A---- C:\Windows\system32\dnscacheugc.exe
2018-07-20 15:46:45 ----A---- C:\Windows\system32\ole32.dll
2018-07-20 15:46:45 ----A---- C:\Windows\system32\drivers\usbhub.sys
2018-07-20 15:46:44 ----A---- C:\Windows\SYSWOW64\ole32.dll
2018-07-20 15:46:40 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2018-07-20 15:46:33 ----A---- C:\Windows\system32\rpcss.dll
2018-07-20 15:46:25 ----A---- C:\Windows\system32\drivers\usbehci.sys
2018-07-20 15:46:22 ----A---- C:\Windows\system32\MPSSVC.dll
2018-07-20 15:46:22 ----A---- C:\Windows\system32\comcat.dll
2018-07-20 15:46:21 ----A---- C:\Windows\system32\FirewallAPI.dll
2018-07-20 15:46:20 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2018-07-20 15:46:20 ----A---- C:\Windows\SYSWOW64\comcat.dll
2018-07-20 15:46:18 ----A---- C:\Windows\system32\icfupgd.dll
2018-07-20 15:46:14 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2018-07-20 15:46:14 ----A---- C:\Windows\system32\wfapigp.dll
2018-07-20 15:46:11 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2018-07-20 15:46:11 ----A---- C:\Windows\system32\drivers\usbohci.sys
2018-07-20 15:46:10 ----A---- C:\Windows\SYSWOW64\oleres.dll
2018-07-20 15:46:10 ----A---- C:\Windows\system32\oleres.dll
2018-07-20 15:46:10 ----A---- C:\Windows\system32\drivers\usbd.sys
2018-07-19 14:21:36 ----A---- C:\Windows\system32\generaltel.dll
2018-07-19 14:21:36 ----A---- C:\Windows\system32\appraiser.dll
2018-07-19 14:21:36 ----A---- C:\Windows\system32\aitstatic.exe
2018-07-19 14:21:36 ----A---- C:\Windows\system32\aeinv.dll
2018-07-19 14:21:35 ----A---- C:\Windows\system32\invagent.dll
2018-07-19 14:21:35 ----A---- C:\Windows\system32\devinv.dll
2018-07-19 14:21:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-07-19 14:21:35 ----A---- C:\Windows\system32\centel.dll
2018-07-19 14:21:35 ----A---- C:\Windows\system32\aepic.dll
2018-07-19 14:21:35 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2018-08-16 14:31:08 ----D---- C:\Program Files
2018-08-16 14:29:55 ----D---- C:\Windows\Temp
2018-08-16 14:29:07 ----D---- C:\Users\Maros\AppData\Roaming\brave
2018-08-16 14:29:04 ----D---- C:\Windows
2018-08-16 14:27:03 ----D---- C:\ProgramData\NVIDIA
2018-08-16 14:19:56 ----D---- C:\Windows\system32\drivers
2018-08-16 14:18:00 ----D---- C:\Windows\System32
2018-08-16 14:18:00 ----D---- C:\Windows\inf
2018-08-16 14:18:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-16 14:16:34 ----A---- C:\Windows\SYSWOW64\log.txt
2018-08-16 14:11:29 ----D---- C:\Program Files (x86)\TeamViewer
2018-08-16 14:10:31 ----D---- C:\Windows\Minidump
2018-08-16 14:09:21 ----D---- C:\Windows\system32\config
2018-08-16 14:05:16 ----D---- C:\ProgramData\ProductData
2018-08-15 17:49:23 ----D---- C:\Windows\Microsoft.NET
2018-08-15 17:49:22 ----RSD---- C:\Windows\assembly
2018-08-15 17:39:05 ----D---- C:\Windows\winsxs
2018-08-15 17:31:14 ----D---- C:\Program Files\Internet Explorer
2018-08-15 17:31:09 ----D---- C:\Program Files (x86)\Internet Explorer
2018-08-15 17:31:06 ----D---- C:\Windows\SYSWOW64\sk-SK
2018-08-15 17:31:05 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-08-15 17:31:03 ----D---- C:\Windows\SYSWOW64\en-US
2018-08-15 17:31:00 ----D---- C:\Windows\SysWOW64
2018-08-15 17:30:42 ----D---- C:\Windows\system32\sk-SK
2018-08-15 17:30:39 ----D---- C:\Windows\system32\cs-CZ
2018-08-15 17:30:34 ----D---- C:\Windows\system32\en-US
2018-08-15 17:29:59 ----D---- C:\Windows\AppPatch
2018-08-15 17:29:52 ----D---- C:\Windows\system32\Boot
2018-08-15 17:29:51 ----D---- C:\Windows\system32\migration
2018-08-15 17:29:47 ----D---- C:\Windows\system32\DriverStore
2018-08-15 17:28:10 ----D---- C:\Config.Msi
2018-08-15 17:26:51 ----SHD---- C:\Windows\Installer
2018-08-15 17:26:38 ----D---- C:\ProgramData\Microsoft Help
2018-08-15 17:24:50 ----A---- C:\Windows\win.ini
2018-08-15 17:24:35 ----D---- C:\Windows\system32\MRT
2018-08-15 17:18:29 ----D---- C:\Windows\debug
2018-08-15 17:18:19 ----AC---- C:\Windows\system32\MRT.exe
2018-08-15 17:15:12 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-08-15 17:12:41 ----D---- C:\Windows\system32\catroot2
2018-08-15 17:05:46 ----SHD---- C:\System Volume Information
2018-08-15 16:17:55 ----D---- C:\Windows\Tasks
2018-08-15 16:16:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-08-15 16:16:12 ----D---- C:\Windows\system32\Macromed
2018-08-15 16:16:11 ----D---- C:\Windows\SYSWOW64\Macromed
2018-08-15 16:11:47 ----A---- C:\Windows\system.ini
2018-08-15 16:11:38 ----D---- C:\Windows\system32\drivers\etc
2018-08-15 16:10:23 ----D---- C:\Windows\SYSWOW64\NV
2018-08-15 16:10:22 ----D---- C:\Windows\system32\NV
2018-08-15 16:07:00 ----D---- C:\Program Files (x86)
2018-08-15 16:06:59 ----AD---- C:\ProgramData
2018-08-15 16:04:04 ----D---- C:\ProgramData\Temp
2018-08-15 16:03:50 ----D---- C:\Windows\SYSWOW64\drivers
2018-08-15 16:03:49 ----D---- C:\Program Files (x86)\Common Files
2018-08-15 14:23:57 ----D---- C:\Windows\system32\Tasks
2018-08-13 15:24:05 ----D---- C:\Windows\Panther
2018-08-11 11:38:01 ----D---- C:\Windows\Prefetch
2018-08-09 11:53:02 ----D---- C:\Windows\rescache
2018-08-01 21:25:18 ----SD---- C:\Users\Maros\AppData\Roaming\Microsoft
2018-08-01 21:24:50 ----D---- C:\ProgramData\Skype
2018-08-01 21:24:38 ----RD---- C:\Program Files (x86)\Skype
2018-08-01 21:21:45 ----D---- C:\Users\Maros\AppData\Roaming\Skype
2018-08-01 17:20:32 ----D---- C:\Program Files\Java
2018-07-26 22:04:29 ----RSD---- C:\Windows\Fonts
2018-07-22 19:21:20 ----D---- C:\Windows\system32\appraiser
2018-07-22 19:20:02 ----D---- C:\Windows\system32\drivers\cs-CZ
2018-07-22 19:20:01 ----D---- C:\Windows\system32\drivers\en-US
2018-07-19 19:28:30 ----D---- C:\Windows\SoftwareDistribution
2018-07-19 18:54:22 ----RD---- C:\Users
2018-07-17 18:24:54 ----D---- C:\Program Files\Mozilla Firefox
2018-07-17 18:24:54 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-17 00:02:20 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2012-02-01 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 295000]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2018-03-25 48032]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2012-12-07 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2018-06-29 516096]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\rsdrvx64.sys [2009-02-12 26024]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-03-31 27552]
R1 ndisrd;WinpkFilter LightWeight Filter; C:\Windows\system32\DRIVERS\ndisrd.sys [2014-08-14 43088]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2012-08-13 21080]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2012-12-07 22592]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2017-04-07 10202360]
R3 BcmVWL;Broadcom Virtual Wireless; C:\Windows\system32\DRIVERS\bcmvwl64.sys [2012-12-07 21568]
R3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2015-12-09 59088]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2012-08-14 70744]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2018-02-08 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2018-02-08 47672]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-10-05 328592]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-05-26 5375448]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-05-26 5545512]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-10-02 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2015-12-09 358896]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2015-12-09 458960]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2018-08-15 253664]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2016-10-14 190032]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 135928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2018-03-15 67432]
R3 nvvhci;NVVHCI Enumerator Service; C:\Windows\system32\DRIVERS\nvvhci.sys [2018-04-28 68112]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S1 cpuidlep;CpuIdle Pro System Driver; C:\Windows\system32\drivers\cpuidlep.sys []
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-09-15 299008]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2011-09-15 299008]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2016-10-14 172760]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2016-10-14 600280]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-02-23 184360]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2012-02-23 211496]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2012-02-23 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-02-23 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 FairplayKD;FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys []
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-11-13 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2014-11-13 30424]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-05-20 31200]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2016-06-24 68904]
S3 ptun0901;TAP Adapter V9 for Private Tunnel; C:\Windows\system32\DRIVERS\ptun0901.sys [2015-01-26 27136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2010-08-12 748648]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2017-11-27 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-09-27 83984]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-05-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2018-05-11 2128872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2012-02-22 945440]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 119864]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-03-24 464272]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-05-20 630240]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-08-13 11644656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 361816]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-06 154440]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-04-22 2960160]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-15 335872]
S3 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-01-05 83768]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-04 280680]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-01-30 3480256]
S3 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-29 348784]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-06 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-07-19 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-07-17 194512]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20 764896]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-14 187072]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------