PC virus removal, computer speed-up, and remote help via the neslape.cz service

Preventive check

#1 Post by Arbeidar »

Good day,

I would like to ask you to check my system and give any advice and tips. Are ESET+CCLEANER+MALWAREBYTES enough for protection and cleaning?

I cannot delete this file: C:\Users\Pekos\Desktop\Chillout

..the songs can be played, but the file cannot be deleted even though it takes up 0 bytes :) It says that it is no longer located in that place and that I should check the location :) I tried a few programs such as Unlocker and FileASSASSIN, in safe mode, and even deleting it from the command line did not help :(

I also uninstalled the games Praetorians and Commandos, but they are still in the list where programs are uninstalled; I would like to get them off that list :)

Thank you in advance for your help.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Pekos at 2017-07-30 18:46:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 33 GB (28%) free of 119 GB
Total RAM: 4095 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:46:10, on 30. 7. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18739)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\PrintDisp.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Pekos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O4 - Startup: YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11289 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\Windows\Explorer.EXE
"C:\Windows\AsScrPro.exe"
taskeng.exe {832E8A66-1B18-4117-9105-CF8523353782}
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
ATKOSD.exe
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
KBFiltr.exe
WDC.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\system32\PrintCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
"PrintDisp.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN06J2N3FX05HW;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\YoWindow\yowindow.exe" -mt
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\AUDIODG.EXE 0x374
"C:\Users\Pekos\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default

prefs.js - "browser.startup.homepage" - "https://uloz.to/hledej?q=Naprosti+cizinci&type=videos"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default\extensions\
DTToolbar@toolbarnet.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2011-01-20 1581376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2013-10-30 883168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-07-26 176952]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-30 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-12 98304]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2010-01-05 170624]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Pekos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe
YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-07-30 18:24:08 ----D---- C:\rsit
2017-07-30 18:24:08 ----D---- C:\Program Files\trend micro
2017-07-30 17:56:39 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-07-30 17:56:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-07-30 17:56:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-07-30 17:55:46 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-07-30 17:55:12 ----D---- C:\ProgramData\Malwarebytes
2017-07-30 17:55:12 ----D---- C:\Program Files\Malwarebytes
2017-07-30 17:50:30 ----A---- C:\Windows\ntbtlog.txt
2017-07-30 17:16:28 ----D---- C:\Program Files (x86)\IObit
2017-07-29 08:53:00 ----D---- C:\Program Files (x86)\Monster-CZ
2017-07-23 13:50:42 ----D---- C:\Program Files (x86)\Eidos Interactive
2017-07-22 21:48:34 ----D---- C:\ProgramData\Riot Games
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-07-22 21:47:32 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-07-22 21:45:59 ----D---- C:\Riot Games
2017-07-22 21:39:10 ----D---- C:\Users\Pekos\AppData\Roaming\Riot Games
2017-07-22 21:13:19 ----D---- C:\Program Files (x86)\Blizzard
2017-07-22 21:13:08 ----D---- C:\Users\Pekos\AppData\Roaming\Battle.net
2017-07-22 20:53:31 ----D---- C:\ProgramData\Battle.net
2017-07-22 20:40:48 ----A---- C:\protokol o instalaci cestiny do hry starcraft.txt
2017-07-22 20:36:00 ----A---- C:\Windows\scunin.dat
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.pif
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.exe
2017-07-22 18:08:40 ----A---- C:\Windows\uncsetup.exe
2017-07-11 22:34:53 ----A---- C:\Windows\system32\mshtml.dll
2017-07-11 22:34:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-07-11 22:34:44 ----A---- C:\Windows\system32\ieframe.dll
2017-07-11 22:34:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-07-11 22:34:40 ----A---- C:\Windows\system32\jscript9.dll
2017-07-11 22:34:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-07-11 22:34:38 ----A---- C:\Windows\system32\win32k.sys
2017-07-11 22:34:37 ----A---- C:\Windows\system32\urlmon.dll
2017-07-11 22:34:37 ----A---- C:\Windows\system32\tquery.dll
2017-07-11 22:34:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-07-11 22:34:36 ----A---- C:\Windows\system32\Query.dll
2017-07-11 22:34:35 ----A---- C:\Windows\system32\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\system32\vbscript.dll
2017-07-11 22:34:33 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-07-11 22:34:32 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-07-11 22:34:31 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\Wldap32.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\wininet.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\drivers\netio.sys
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-07-11 22:34:30 ----A---- C:\Windows\system32\msinfo32.exe
2017-07-11 22:34:29 ----A---- C:\Windows\system32\wdc.dll
2017-07-11 22:34:29 ----A---- C:\Windows\system32\drivers\http.sys
2017-07-11 22:34:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-07-11 22:34:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-11 22:34:28 ----A---- C:\Windows\system32\clfs.sys
2017-07-11 22:34:27 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\pdhui.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\iedkcs32.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-07-11 22:34:26 ----A---- C:\Windows\system32\jscript.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\wvc.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-07-11 22:34:24 ----A---- C:\Windows\system32\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\system32\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\system32\msrating.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\resmon.exe
2017-07-11 22:34:22 ----A---- C:\Windows\system32\dxtrans.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\certcli.dll
2017-07-11 22:34:21 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-07-11 22:34:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\msfeeds.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-07-11 22:34:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\ieui.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\iertutil.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\mshtmled.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\iesetup.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\ie4uinit.exe
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\occache.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\inseng.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\ieUnatt.exe
2017-07-11 22:34:14 ----A---- C:\Windows\system32\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-11 22:34:11 ----A---- C:\Windows\system32\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-07-11 22:34:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\mssrch.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-07-11 22:34:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-07-11 22:34:04 ----A---- C:\Windows\system32\lsasrv.dll
2017-07-11 22:34:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssvp.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssph.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-07-11 22:34:02 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\schannel.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\ncrypt.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\msv1_0.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssprxy.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssphtb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\wdigest.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\TSpkg.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\sspicli.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\mssitlb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\bcrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\rpchttp.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\msscntrs.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\lsass.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-07-11 22:33:59 ----A---- C:\Windows\system32\cryptbase.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\sspisrv.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\secur32.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\msshooks.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\credssp.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\cdd.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-07-11 22:33:55 ----A---- C:\Windows\system32\auditpol.exe
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\adtschema.dll
2017-07-11 22:33:48 ----A---- C:\Windows\system32\msobjs.dll
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aitstatic.exe
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aeinv.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\appraiser.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\aepic.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\invagent.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\generaltel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\devinv.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-07-11 22:06:49 ----A---- C:\Windows\system32\centel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\acmigration.dll
2017-07-11 00:34:13 ----D---- C:\Program Files (x86)\The Creative Assembly

======List of files/folders modified in the last 1 month======

2017-07-30 18:46:06 ----D---- C:\Windows\Temp
2017-07-30 18:30:48 ----D---- C:\Windows\system32\config
2017-07-30 18:28:05 ----D---- C:\Windows\Prefetch
2017-07-30 18:24:08 ----RD---- C:\Program Files
2017-07-30 17:59:35 ----RD---- C:\Program Files (x86)
2017-07-30 17:56:39 ----D---- C:\Windows\system32\drivers
2017-07-30 17:55:12 ----HD---- C:\ProgramData
2017-07-30 17:53:52 ----D---- C:\Windows\system32\Tasks
2017-07-30 17:50:30 ----D---- C:\Windows
2017-07-30 15:43:38 ----D---- C:\Windows\inf
2017-07-30 15:42:51 ----D---- C:\Windows\Minidump
2017-07-30 15:37:35 ----D---- C:\Users\Pekos\AppData\Roaming\DAEMON Tools Lite
2017-07-30 15:37:34 ----D---- C:\Users\Pekos\AppData\Roaming\Media Player Classic
2017-07-30 15:37:13 ----D---- C:\Windows\Logs
2017-07-29 09:59:56 ----SHD---- C:\Windows\Installer
2017-07-29 09:59:55 ----SHD---- C:\Config.Msi
2017-07-29 09:59:29 ----SHD---- C:\System Volume Information
2017-07-28 22:24:15 ----D---- C:\ProgramData\Microsoft Help
2017-07-28 22:24:14 ----A---- C:\Windows\win.ini
2017-07-25 21:41:04 ----D---- C:\Users\Pekos\AppData\Roaming\vlc
2017-07-24 15:49:00 ----D---- C:\Windows\winsxs
2017-07-24 15:45:02 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-07-23 15:12:35 ----D---- C:\Program Files (x86)\Microsoft Games
2017-07-23 15:08:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-07-22 21:47:35 ----D---- C:\Windows\SysWOW64
2017-07-22 21:46:11 ----D---- C:\Windows\Tasks
2017-07-20 17:56:15 ----D---- C:\Windows\debug
2017-07-12 04:31:11 ----D---- C:\Windows\rescache
2017-07-12 03:37:12 ----D---- C:\Windows\system32\appraiser
2017-07-12 03:37:12 ----D---- C:\Windows\System32
2017-07-12 03:36:56 ----D---- C:\Program Files (x86)\Internet Explorer
2017-07-12 03:36:47 ----D---- C:\Program Files\Internet Explorer
2017-07-12 03:36:44 ----D---- C:\Windows\SYSWOW64\bg-BG
2017-07-12 03:36:43 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-07-12 03:36:42 ----D---- C:\Windows\SYSWOW64\hr-HR
2017-07-12 03:36:40 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-07-12 03:36:39 ----D---- C:\Windows\SYSWOW64\sl-SI
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\migration
2017-07-12 03:36:37 ----D---- C:\Windows\SYSWOW64\lv-LV
2017-07-12 03:36:36 ----D---- C:\Windows\SYSWOW64\lt-LT
2017-07-12 03:36:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-07-12 03:36:33 ----D---- C:\Windows\SYSWOW64\et-EE
2017-07-12 03:36:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-07-12 03:36:30 ----D---- C:\Windows\SYSWOW64\ro-RO
2017-07-12 03:36:29 ----D---- C:\Windows\SYSWOW64\en-US
2017-07-12 03:36:19 ----D---- C:\Windows\system32\bg-BG
2017-07-12 03:36:17 ----D---- C:\Windows\system32\pl-PL
2017-07-12 03:36:16 ----D---- C:\Windows\system32\hr-HR
2017-07-12 03:36:14 ----D---- C:\Windows\system32\hu-HU
2017-07-12 03:36:13 ----D---- C:\Windows\system32\sl-SI
2017-07-12 03:36:11 ----D---- C:\Windows\system32\migration
2017-07-12 03:36:10 ----D---- C:\Windows\system32\sr-Latn-CS
2017-07-12 03:36:09 ----D---- C:\Windows\system32\lv-LV
2017-07-12 03:36:07 ----D---- C:\Windows\system32\lt-LT
2017-07-12 03:36:06 ----D---- C:\Windows\system32\sk-SK
2017-07-12 03:36:05 ----D---- C:\Windows\system32\et-EE
2017-07-12 03:36:03 ----D---- C:\Windows\system32\cs-CZ
2017-07-12 03:36:02 ----D---- C:\Windows\system32\ro-RO
2017-07-12 03:36:00 ----D---- C:\Windows\system32\en-US
2017-07-12 03:35:49 ----D---- C:\Windows\AppPatch
2017-07-12 03:35:37 ----D---- C:\Windows\system32\DriverStore
2017-07-12 03:20:07 ----D---- C:\Windows\system32\MRT
2017-07-12 03:11:32 ----AC---- C:\Windows\system32\MRT.exe
2017-07-12 02:12:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-07-12 02:12:30 ----D---- C:\Windows\system32\Macromed
2017-07-12 02:12:07 ----D---- C:\Windows\SYSWOW64\Macromed
2017-07-11 21:35:24 ----D---- C:\Windows\system32\catroot2
2017-07-10 17:50:45 ----D---- C:\Program Files (x86)\Warcraft III
2017-07-10 13:10:42 ----RSD---- C:\Windows\assembly
2017-07-04 19:52:04 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2017-07-04 19:51:49 ----A---- C:\Windows\iun6002.exe
2017-07-01 09:13:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-01 09:13:28 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-01-17 106768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-01-09 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-01-17 132272]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-01-17 180544]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-01-17 77616]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-01-17 60536]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-01-17 96856]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-06-27 77376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-19 314016]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-01-17 49672]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-19 43680]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-07-30 188352]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-12-11 6228480]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-12-11 160256]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-07-30 101784]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-07-30 45472]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-07-30 253856]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-07-30 84256]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-11 6228480]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-11 202752]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [2017-07-22 390504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2013-11-01 127456]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-07-26 651576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12 272384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-06-29 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-30 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-12-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Arbeidar
Visitor
Posts: 6
Registered: 30 Jul 2017 17:05

Re: Preventive check

#3 Post by Arbeidar »

Rudy wrote: Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop.
Close all programs.
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

# AdwCleaner 7.0.1.0 - Logfile created on Mon Jul 31 19:11:50 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 07-31-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Program Files (x86)\DAEMON Tools Toolbar
Adware.LoadMoney, C:\ProgramData\Partner
Adware.LoadMoney, C:\ProgramData\Application Data\Partner
Adware.LoadMoney, C:\Users\All Users\Partner
PUP.Adware.Heuristic, C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
PUP.Adware.Heuristic, C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
PUP.Adware.Heuristic, C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\dt soft\daemon tools toolbar
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser | {21FA44EF-376D-4D53-9B0F-8A89D3229068}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {32099AAC-C132-4136-9E9A-4E364A424E17}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
PUP.Optional.SuperOptimizer, [Key] - HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer, [Key] - HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
PUP.Optional.SuperOptimizer, [Key] - HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Arbeidar
Visitor
Posts: 6
Registered: 30 Jul 2017 17:05

Re: Preventive check

#4 Post by Arbeidar »

This one is from after the cleaning and a restart.


# AdwCleaner 7.0.1.0 - Logfile created on Mon Jul 31 19:14:44 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\DAEMON Tools Toolbar
Deleted: C:\ProgramData\Partner
Deleted: C:\ProgramData\Application Data\Partner
Deleted: C:\Users\All Users\Partner
Deleted: C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
Deleted: C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
Deleted: C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Deleted: [Key] - HKLM\SOFTWARE\dt soft\daemon tools toolbar
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{21FA44EF-376D-4D53-9B0F-8A89D3229068}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted: [Key] - HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Deleted: [Key] - HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Deleted: [Key] - HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2523 B] - [2017/7/31 19:11:50]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#5 Post by Rudy »

OK. Post a new RSIT log.

Arbeidar
Visitor
Posts: 6
Registered: 30 Jul 2017 17:05

Re: Preventive check

#6 Post by Arbeidar »

Rudy wrote: OK. Post a new RSIT log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pekos at 2017-08-02 20:00:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (33%) free of 119 GB
Total RAM: 4095 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:00:18, on 2. 8. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18739)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\AsScrPro.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\trend micro\Pekos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O4 - Startup: YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11251 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {DBA7852A-1F5E-4E3A-9524-4072FA7B196F}
"taskhost.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
ATKOSD.exe
"C:\Windows\AsScrPro.exe"
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Windows\system32\PrintCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN06J2N3FX05HW;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\YoWindow\yowindow.exe" -mt
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\AUDIODG.EXE 0x81c
"C:\Users\Pekos\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default

prefs.js - "browser.startup.homepage" - "https://uloz.to/hledej?q=Naprosti+cizinci&type=videos"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default\extensions\
DTToolbar@toolbarnet.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2013-10-30 883168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-07-26 176952]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-30 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-12 98304]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2010-01-05 170624]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Pekos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe
YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-07-31 21:03:48 ----D---- C:\AdwCleaner
2017-07-30 18:24:08 ----D---- C:\rsit
2017-07-30 18:24:08 ----D---- C:\Program Files\trend micro
2017-07-30 17:56:39 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-07-30 17:56:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-07-30 17:56:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-07-30 17:55:46 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-07-30 17:55:12 ----D---- C:\ProgramData\Malwarebytes
2017-07-30 17:55:12 ----D---- C:\Program Files\Malwarebytes
2017-07-30 17:50:30 ----A---- C:\Windows\ntbtlog.txt
2017-07-30 17:16:28 ----D---- C:\Program Files (x86)\IObit
2017-07-29 08:53:00 ----D---- C:\Program Files (x86)\Monster-CZ
2017-07-23 13:50:42 ----D---- C:\Program Files (x86)\Eidos Interactive
2017-07-22 21:48:34 ----D---- C:\ProgramData\Riot Games
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-07-22 21:47:32 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-07-22 21:45:59 ----D---- C:\Riot Games
2017-07-22 21:39:10 ----D---- C:\Users\Pekos\AppData\Roaming\Riot Games
2017-07-22 21:13:19 ----D---- C:\Program Files (x86)\Blizzard
2017-07-22 21:13:08 ----D---- C:\Users\Pekos\AppData\Roaming\Battle.net
2017-07-22 20:53:31 ----D---- C:\ProgramData\Battle.net
2017-07-22 20:36:00 ----A---- C:\Windows\scunin.dat
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.pif
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.exe
2017-07-22 18:08:40 ----A---- C:\Windows\uncsetup.exe
2017-07-11 22:34:53 ----A---- C:\Windows\system32\mshtml.dll
2017-07-11 22:34:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-07-11 22:34:44 ----A---- C:\Windows\system32\ieframe.dll
2017-07-11 22:34:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-07-11 22:34:40 ----A---- C:\Windows\system32\jscript9.dll
2017-07-11 22:34:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-07-11 22:34:38 ----A---- C:\Windows\system32\win32k.sys
2017-07-11 22:34:37 ----A---- C:\Windows\system32\urlmon.dll
2017-07-11 22:34:37 ----A---- C:\Windows\system32\tquery.dll
2017-07-11 22:34:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-07-11 22:34:36 ----A---- C:\Windows\system32\Query.dll
2017-07-11 22:34:35 ----A---- C:\Windows\system32\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\system32\vbscript.dll
2017-07-11 22:34:33 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-07-11 22:34:32 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-07-11 22:34:31 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\Wldap32.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\wininet.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\drivers\netio.sys
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-07-11 22:34:30 ----A---- C:\Windows\system32\msinfo32.exe
2017-07-11 22:34:29 ----A---- C:\Windows\system32\wdc.dll
2017-07-11 22:34:29 ----A---- C:\Windows\system32\drivers\http.sys
2017-07-11 22:34:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-07-11 22:34:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-11 22:34:28 ----A---- C:\Windows\system32\clfs.sys
2017-07-11 22:34:27 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\pdhui.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\iedkcs32.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-07-11 22:34:26 ----A---- C:\Windows\system32\jscript.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\wvc.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-07-11 22:34:24 ----A---- C:\Windows\system32\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\system32\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\system32\msrating.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\resmon.exe
2017-07-11 22:34:22 ----A---- C:\Windows\system32\dxtrans.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\certcli.dll
2017-07-11 22:34:21 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-07-11 22:34:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\msfeeds.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-07-11 22:34:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\ieui.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\iertutil.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\mshtmled.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\iesetup.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\ie4uinit.exe
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\occache.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\inseng.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\ieUnatt.exe
2017-07-11 22:34:14 ----A---- C:\Windows\system32\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-11 22:34:11 ----A---- C:\Windows\system32\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-07-11 22:34:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\mssrch.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-07-11 22:34:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-07-11 22:34:04 ----A---- C:\Windows\system32\lsasrv.dll
2017-07-11 22:34:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssvp.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssph.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-07-11 22:34:02 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\schannel.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\ncrypt.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\msv1_0.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssprxy.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssphtb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\wdigest.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\TSpkg.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\sspicli.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\mssitlb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\bcrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\rpchttp.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\msscntrs.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\lsass.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-07-11 22:33:59 ----A---- C:\Windows\system32\cryptbase.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\sspisrv.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\secur32.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\msshooks.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\credssp.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\cdd.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-07-11 22:33:55 ----A---- C:\Windows\system32\auditpol.exe
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\adtschema.dll
2017-07-11 22:33:48 ----A---- C:\Windows\system32\msobjs.dll
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aitstatic.exe
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aeinv.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\appraiser.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\aepic.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\invagent.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\generaltel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\devinv.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-07-11 22:06:49 ----A---- C:\Windows\system32\centel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\acmigration.dll
2017-07-11 00:34:13 ----D---- C:\Program Files (x86)\The Creative Assembly

======List of files/folders modified in the last 1 month======

2017-08-02 20:00:15 ----D---- C:\Windows\Temp
2017-08-02 17:54:32 ----D---- C:\Windows\system32\config
2017-08-02 17:34:59 ----D---- C:\Windows\system32\Tasks
2017-08-02 17:34:23 ----D---- C:\Windows\system32\drivers
2017-08-01 18:03:45 ----SHD---- C:\System Volume Information
2017-07-31 21:30:35 ----D---- C:\Users\Pekos\AppData\Roaming\vlc
2017-07-31 21:14:39 ----RD---- C:\Program Files (x86)
2017-07-31 21:14:39 ----HD---- C:\ProgramData
2017-07-30 19:32:35 ----D---- C:\Users\Pekos\AppData\Roaming\Media Player Classic
2017-07-30 19:11:18 ----D---- C:\Windows\Prefetch
2017-07-30 19:09:55 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-07-30 19:09:46 ----A---- C:\Windows\system32\AutoRunFilter.ini
2017-07-30 18:24:08 ----RD---- C:\Program Files
2017-07-30 17:50:30 ----D---- C:\Windows
2017-07-30 15:43:38 ----D---- C:\Windows\inf
2017-07-30 15:42:51 ----D---- C:\Windows\Minidump
2017-07-30 15:37:35 ----D---- C:\Users\Pekos\AppData\Roaming\DAEMON Tools Lite
2017-07-30 15:37:13 ----D---- C:\Windows\Logs
2017-07-29 09:59:56 ----SHD---- C:\Windows\Installer
2017-07-29 09:59:55 ----SHD---- C:\Config.Msi
2017-07-28 22:24:15 ----D---- C:\ProgramData\Microsoft Help
2017-07-28 22:24:14 ----A---- C:\Windows\win.ini
2017-07-24 15:49:00 ----D---- C:\Windows\winsxs
2017-07-24 15:45:02 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-07-23 15:12:35 ----D---- C:\Program Files (x86)\Microsoft Games
2017-07-23 15:08:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-07-22 21:47:35 ----D---- C:\Windows\SysWOW64
2017-07-22 21:46:11 ----D---- C:\Windows\Tasks
2017-07-20 17:56:15 ----D---- C:\Windows\debug
2017-07-12 04:31:11 ----D---- C:\Windows\rescache
2017-07-12 03:37:12 ----D---- C:\Windows\system32\appraiser
2017-07-12 03:37:12 ----D---- C:\Windows\System32
2017-07-12 03:36:56 ----D---- C:\Program Files (x86)\Internet Explorer
2017-07-12 03:36:47 ----D---- C:\Program Files\Internet Explorer
2017-07-12 03:36:44 ----D---- C:\Windows\SYSWOW64\bg-BG
2017-07-12 03:36:43 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-07-12 03:36:42 ----D---- C:\Windows\SYSWOW64\hr-HR
2017-07-12 03:36:40 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-07-12 03:36:39 ----D---- C:\Windows\SYSWOW64\sl-SI
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\migration
2017-07-12 03:36:37 ----D---- C:\Windows\SYSWOW64\lv-LV
2017-07-12 03:36:36 ----D---- C:\Windows\SYSWOW64\lt-LT
2017-07-12 03:36:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-07-12 03:36:33 ----D---- C:\Windows\SYSWOW64\et-EE
2017-07-12 03:36:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-07-12 03:36:30 ----D---- C:\Windows\SYSWOW64\ro-RO
2017-07-12 03:36:29 ----D---- C:\Windows\SYSWOW64\en-US
2017-07-12 03:36:19 ----D---- C:\Windows\system32\bg-BG
2017-07-12 03:36:17 ----D---- C:\Windows\system32\pl-PL
2017-07-12 03:36:16 ----D---- C:\Windows\system32\hr-HR
2017-07-12 03:36:14 ----D---- C:\Windows\system32\hu-HU
2017-07-12 03:36:13 ----D---- C:\Windows\system32\sl-SI
2017-07-12 03:36:11 ----D---- C:\Windows\system32\migration
2017-07-12 03:36:10 ----D---- C:\Windows\system32\sr-Latn-CS
2017-07-12 03:36:09 ----D---- C:\Windows\system32\lv-LV
2017-07-12 03:36:07 ----D---- C:\Windows\system32\lt-LT
2017-07-12 03:36:06 ----D---- C:\Windows\system32\sk-SK
2017-07-12 03:36:05 ----D---- C:\Windows\system32\et-EE
2017-07-12 03:36:03 ----D---- C:\Windows\system32\cs-CZ
2017-07-12 03:36:02 ----D---- C:\Windows\system32\ro-RO
2017-07-12 03:36:00 ----D---- C:\Windows\system32\en-US
2017-07-12 03:35:49 ----D---- C:\Windows\AppPatch
2017-07-12 03:35:37 ----D---- C:\Windows\system32\DriverStore
2017-07-12 03:20:07 ----D---- C:\Windows\system32\MRT
2017-07-12 03:11:32 ----AC---- C:\Windows\system32\MRT.exe
2017-07-12 02:12:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-07-12 02:12:30 ----D---- C:\Windows\system32\Macromed
2017-07-12 02:12:07 ----D---- C:\Windows\SYSWOW64\Macromed
2017-07-11 21:35:24 ----D---- C:\Windows\system32\catroot2
2017-07-10 17:50:45 ----D---- C:\Program Files (x86)\Warcraft III
2017-07-10 13:10:42 ----RSD---- C:\Windows\assembly
2017-07-04 19:52:04 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2017-07-04 19:51:49 ----A---- C:\Windows\iun6002.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-01-17 106768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-01-09 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-01-17 132272]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-01-17 180544]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-01-17 77616]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-01-17 60536]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-01-17 96856]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-06-27 77376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-19 314016]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-01-17 49672]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-19 43680]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-07-30 188352]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-12-11 6228480]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-12-11 160256]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-08-02 101784]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-08-02 45472]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-08-02 253856]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-08-02 84256]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-11 6228480]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-11 202752]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [2017-07-22 390504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2013-11-01 127456]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-07-26 651576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12 272384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-06-29 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-30 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-12-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#7 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files (x86)\Blizzard

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64

:services
Bonjour Service

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Arbeidar
Visitor
Posts: 6
Registered: 30 Jul 2017 17:05

Re: Preventive check

#8 Post by Arbeidar »

New scan.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Pekos at 2017-08-03 20:28:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 45 GB (38%) free of 119 GB
Total RAM: 4095 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:28:49, on 3. 8. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18739)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\AsScrPro.exe
C:\Windows\System32\PrintDisp.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\YoWindow\yowindow.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\trend micro\Pekos.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk = ?
O4 - Startup: YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Printer Control - Unknown owner - C:\Windows\system32\PrintCtrl.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10986 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2f4
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {E658F5AE-B2AA-49D9-AF4B-DF8F5E592175}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
C:\Windows\system32\PrintCtrl.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
taskeng.exe {CC2983FE-14D0-4C07-A740-95E506019A95}
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Windows\AsScrPro.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Windows\System32\PrintDisp.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 1050 J410 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN06J2N3FX05HW;CONNECTION=USB;MONITOR=1;
"C:\Program Files (x86)\YoWindow\yowindow.exe" -mt
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
taskeng.exe {B60BBA9B-5AFA-4272-B10E-BE67C74E8BC5}
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Pekos\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default

prefs.js - "browser.startup.homepage" - "https://uloz.to/hledej?q=Naprosti+cizinci&type=videos"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 26.0.0.137 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Pekos\AppData\Roaming\Mozilla\Firefox\Profiles\0qfziaal.default\extensions\
DTToolbar@toolbarnet.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-12-24 1736704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"PrintDisp"=C:\Windows\system32\PrintDisp.exe [2013-10-30 883168]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2016-07-26 176952]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-05-09 3146704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-13 9803992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 721504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-04-30 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-12 98304]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-17 2245120]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2010-01-05 170624]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

C:\Users\Pekos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 1050 J410 series.lnk - C:\Windows\system32\RunDll32.exe
YoWindow.lnk - C:\Program Files (x86)\YoWindow\yowindow.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-08-03 20:28:40 ----D---- C:\rsit
2017-07-31 21:03:48 ----D---- C:\AdwCleaner
2017-07-30 18:24:08 ----D---- C:\Program Files\trend micro
2017-07-30 17:56:39 ----A---- C:\Windows\system32\drivers\MBAMChameleon.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-07-30 17:56:37 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-07-30 17:56:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-07-30 17:56:10 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2017-07-30 17:55:46 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-07-30 17:55:12 ----D---- C:\ProgramData\Malwarebytes
2017-07-30 17:55:12 ----D---- C:\Program Files\Malwarebytes
2017-07-30 17:50:30 ----A---- C:\Windows\ntbtlog.txt
2017-07-30 17:16:28 ----D---- C:\Program Files (x86)\IObit
2017-07-29 08:53:00 ----D---- C:\Program Files (x86)\Monster-CZ
2017-07-23 13:50:42 ----D---- C:\Program Files (x86)\Eidos Interactive
2017-07-22 21:48:34 ----D---- C:\ProgramData\Riot Games
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2017-07-22 21:47:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2017-07-22 21:47:32 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2017-07-22 21:45:59 ----D---- C:\Riot Games
2017-07-22 21:39:10 ----D---- C:\Users\Pekos\AppData\Roaming\Riot Games
2017-07-22 21:13:08 ----D---- C:\Users\Pekos\AppData\Roaming\Battle.net
2017-07-22 20:53:31 ----D---- C:\ProgramData\Battle.net
2017-07-22 20:36:00 ----A---- C:\Windows\scunin.dat
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.pif
2017-07-22 20:35:56 ----A---- C:\Windows\ScUnin.exe
2017-07-22 18:08:40 ----A---- C:\Windows\uncsetup.exe
2017-07-11 22:34:53 ----A---- C:\Windows\system32\mshtml.dll
2017-07-11 22:34:49 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-07-11 22:34:44 ----A---- C:\Windows\system32\ieframe.dll
2017-07-11 22:34:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-07-11 22:34:40 ----A---- C:\Windows\system32\jscript9.dll
2017-07-11 22:34:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-07-11 22:34:38 ----A---- C:\Windows\system32\win32k.sys
2017-07-11 22:34:37 ----A---- C:\Windows\system32\urlmon.dll
2017-07-11 22:34:37 ----A---- C:\Windows\system32\tquery.dll
2017-07-11 22:34:36 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-07-11 22:34:36 ----A---- C:\Windows\system32\Query.dll
2017-07-11 22:34:35 ----A---- C:\Windows\system32\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-07-11 22:34:34 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-07-11 22:34:34 ----A---- C:\Windows\system32\vbscript.dll
2017-07-11 22:34:33 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\ExplorerFrame.dll
2017-07-11 22:34:33 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-07-11 22:34:32 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-07-11 22:34:31 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\Wldap32.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\wininet.dll
2017-07-11 22:34:31 ----A---- C:\Windows\system32\drivers\netio.sys
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2017-07-11 22:34:30 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-07-11 22:34:30 ----A---- C:\Windows\system32\msinfo32.exe
2017-07-11 22:34:29 ----A---- C:\Windows\system32\wdc.dll
2017-07-11 22:34:29 ----A---- C:\Windows\system32\drivers\http.sys
2017-07-11 22:34:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-07-11 22:34:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-11 22:34:28 ----A---- C:\Windows\system32\clfs.sys
2017-07-11 22:34:27 ----A---- C:\Windows\SYSWOW64\wdc.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\pdhui.dll
2017-07-11 22:34:27 ----A---- C:\Windows\system32\iedkcs32.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\pdhui.dll
2017-07-11 22:34:26 ----A---- C:\Windows\SYSWOW64\msinfo32.exe
2017-07-11 22:34:26 ----A---- C:\Windows\system32\jscript.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\wvc.dll
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-07-11 22:34:25 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-07-11 22:34:24 ----A---- C:\Windows\system32\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\wvc.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-07-11 22:34:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-07-11 22:34:23 ----A---- C:\Windows\system32\perfmon.exe
2017-07-11 22:34:23 ----A---- C:\Windows\system32\msrating.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\webcheck.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\resmon.exe
2017-07-11 22:34:22 ----A---- C:\Windows\system32\dxtrans.dll
2017-07-11 22:34:22 ----A---- C:\Windows\system32\certcli.dll
2017-07-11 22:34:21 ----A---- C:\Windows\SYSWOW64\resmon.exe
2017-07-11 22:34:20 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-07-11 22:34:20 ----A---- C:\Windows\system32\msfeeds.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-07-11 22:34:19 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-07-11 22:34:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\ieui.dll
2017-07-11 22:34:17 ----A---- C:\Windows\system32\iertutil.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\mshtmled.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\iesetup.dll
2017-07-11 22:34:16 ----A---- C:\Windows\system32\ie4uinit.exe
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-07-11 22:34:15 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\occache.dll
2017-07-11 22:34:15 ----A---- C:\Windows\system32\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-07-11 22:34:14 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\inseng.dll
2017-07-11 22:34:14 ----A---- C:\Windows\system32\ieUnatt.exe
2017-07-11 22:34:14 ----A---- C:\Windows\system32\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-07-11 22:34:13 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-07-11 22:34:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-11 22:34:11 ----A---- C:\Windows\system32\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-07-11 22:34:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-07-11 22:34:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-07-11 22:34:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\rpcrt4.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\mssrch.dll
2017-07-11 22:34:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-07-11 22:34:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-07-11 22:34:04 ----A---- C:\Windows\system32\lsasrv.dll
2017-07-11 22:34:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssvp.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\mssph.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-07-11 22:34:03 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-07-11 22:34:02 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\schannel.dll
2017-07-11 22:34:02 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-07-11 22:34:01 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\ncrypt.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\msv1_0.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssprxy.dll
2017-07-11 22:34:01 ----A---- C:\Windows\system32\mssphtb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-07-11 22:34:00 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\wdigest.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\TSpkg.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\sspicli.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\mssitlb.dll
2017-07-11 22:34:00 ----A---- C:\Windows\system32\bcrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\rpchttp.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\msscntrs.dll
2017-07-11 22:33:59 ----A---- C:\Windows\system32\lsass.exe
2017-07-11 22:33:59 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-07-11 22:33:59 ----A---- C:\Windows\system32\cryptbase.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-07-11 22:33:57 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\sspisrv.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\secur32.dll
2017-07-11 22:33:57 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-07-11 22:33:56 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\msshooks.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\credssp.dll
2017-07-11 22:33:56 ----A---- C:\Windows\system32\cdd.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-07-11 22:33:55 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-07-11 22:33:55 ----A---- C:\Windows\system32\auditpol.exe
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\tzres.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\msaudite.dll
2017-07-11 22:33:49 ----A---- C:\Windows\system32\adtschema.dll
2017-07-11 22:33:48 ----A---- C:\Windows\system32\msobjs.dll
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aitstatic.exe
2017-07-11 22:06:51 ----A---- C:\Windows\system32\aeinv.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\appraiser.dll
2017-07-11 22:06:50 ----A---- C:\Windows\system32\aepic.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\invagent.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\generaltel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\devinv.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-07-11 22:06:49 ----A---- C:\Windows\system32\centel.dll
2017-07-11 22:06:49 ----A---- C:\Windows\system32\acmigration.dll
2017-07-11 00:34:13 ----D---- C:\Program Files (x86)\The Creative Assembly

======List of files/folders modified in the last 1 month======

2017-08-03 20:28:49 ----D---- C:\Windows\Prefetch
2017-08-03 20:27:26 ----D---- C:\Windows\Temp
2017-08-03 20:27:15 ----D---- C:\Windows\system32\Tasks
2017-08-03 20:26:16 ----D---- C:\Windows\system32\drivers
2017-08-03 20:26:01 ----D---- C:\Windows\system32\config
2017-08-03 20:25:21 ----D---- C:\Windows
2017-08-03 20:13:38 ----RD---- C:\Program Files (x86)
2017-08-02 23:26:01 ----SHD---- C:\Windows\Installer
2017-08-02 23:26:01 ----SHD---- C:\Config.Msi
2017-08-02 23:21:18 ----SHD---- C:\System Volume Information
2017-08-02 20:08:18 ----D---- C:\Windows\inf
2017-07-31 21:30:35 ----D---- C:\Users\Pekos\AppData\Roaming\vlc
2017-07-31 21:14:39 ----HD---- C:\ProgramData
2017-07-30 19:32:35 ----D---- C:\Users\Pekos\AppData\Roaming\Media Player Classic
2017-07-30 19:09:55 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-07-30 19:09:46 ----A---- C:\Windows\system32\AutoRunFilter.ini
2017-07-30 18:24:08 ----RD---- C:\Program Files
2017-07-30 15:42:51 ----D---- C:\Windows\Minidump
2017-07-30 15:37:35 ----D---- C:\Users\Pekos\AppData\Roaming\DAEMON Tools Lite
2017-07-30 15:37:13 ----D---- C:\Windows\Logs
2017-07-28 22:24:15 ----D---- C:\ProgramData\Microsoft Help
2017-07-28 22:24:14 ----A---- C:\Windows\win.ini
2017-07-24 15:49:00 ----D---- C:\Windows\winsxs
2017-07-24 15:45:02 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-07-23 15:08:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-07-22 21:47:35 ----D---- C:\Windows\SysWOW64
2017-07-22 21:46:11 ----D---- C:\Windows\Tasks
2017-07-20 17:56:15 ----D---- C:\Windows\debug
2017-07-12 04:31:11 ----D---- C:\Windows\rescache
2017-07-12 03:37:12 ----D---- C:\Windows\system32\appraiser
2017-07-12 03:37:12 ----D---- C:\Windows\System32
2017-07-12 03:36:56 ----D---- C:\Program Files (x86)\Internet Explorer
2017-07-12 03:36:47 ----D---- C:\Program Files\Internet Explorer
2017-07-12 03:36:44 ----D---- C:\Windows\SYSWOW64\bg-BG
2017-07-12 03:36:43 ----D---- C:\Windows\SYSWOW64\pl-PL
2017-07-12 03:36:42 ----D---- C:\Windows\SYSWOW64\hr-HR
2017-07-12 03:36:40 ----D---- C:\Windows\SYSWOW64\hu-HU
2017-07-12 03:36:39 ----D---- C:\Windows\SYSWOW64\sl-SI
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2017-07-12 03:36:38 ----D---- C:\Windows\SYSWOW64\migration
2017-07-12 03:36:37 ----D---- C:\Windows\SYSWOW64\lv-LV
2017-07-12 03:36:36 ----D---- C:\Windows\SYSWOW64\lt-LT
2017-07-12 03:36:34 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-07-12 03:36:33 ----D---- C:\Windows\SYSWOW64\et-EE
2017-07-12 03:36:32 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-07-12 03:36:30 ----D---- C:\Windows\SYSWOW64\ro-RO
2017-07-12 03:36:29 ----D---- C:\Windows\SYSWOW64\en-US
2017-07-12 03:36:19 ----D---- C:\Windows\system32\bg-BG
2017-07-12 03:36:17 ----D---- C:\Windows\system32\pl-PL
2017-07-12 03:36:16 ----D---- C:\Windows\system32\hr-HR
2017-07-12 03:36:14 ----D---- C:\Windows\system32\hu-HU
2017-07-12 03:36:13 ----D---- C:\Windows\system32\sl-SI
2017-07-12 03:36:11 ----D---- C:\Windows\system32\migration
2017-07-12 03:36:10 ----D---- C:\Windows\system32\sr-Latn-CS
2017-07-12 03:36:09 ----D---- C:\Windows\system32\lv-LV
2017-07-12 03:36:07 ----D---- C:\Windows\system32\lt-LT
2017-07-12 03:36:06 ----D---- C:\Windows\system32\sk-SK
2017-07-12 03:36:05 ----D---- C:\Windows\system32\et-EE
2017-07-12 03:36:03 ----D---- C:\Windows\system32\cs-CZ
2017-07-12 03:36:02 ----D---- C:\Windows\system32\ro-RO
2017-07-12 03:36:00 ----D---- C:\Windows\system32\en-US
2017-07-12 03:35:49 ----D---- C:\Windows\AppPatch
2017-07-12 03:35:37 ----D---- C:\Windows\system32\DriverStore
2017-07-12 03:20:07 ----D---- C:\Windows\system32\MRT
2017-07-12 03:11:32 ----AC---- C:\Windows\system32\MRT.exe
2017-07-12 02:12:44 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-07-12 02:12:30 ----D---- C:\Windows\system32\Macromed
2017-07-12 02:12:07 ----D---- C:\Windows\SYSWOW64\Macromed
2017-07-11 21:35:24 ----D---- C:\Windows\system32\catroot2
2017-07-10 17:50:45 ----D---- C:\Program Files (x86)\Warcraft III
2017-07-10 13:10:42 ----RSD---- C:\Windows\assembly
2017-07-04 19:52:04 ----D---- C:\Program Files (x86)\Codec Pack - All In 1
2017-07-04 19:51:49 ----A---- C:\Windows\iun6002.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-01-17 106768]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-01-09 254528]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-01-17 132272]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-01-17 180544]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-01-17 77616]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-01-17 60536]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-01-17 96856]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-06-27 77376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-04-19 314016]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-01-17 49672]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-04-19 43680]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-07-30 188352]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-12-11 6228480]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-12-11 160256]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-08-03 101784]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-08-03 45472]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-08-03 253856]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-08-03 84256]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-12 1799680]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-11 6228480]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-10 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-11 202752]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 Printer Control;Printer Control; C:\Windows\system32\PrintCtrl.exe [2013-11-01 127456]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2016-07-26 651576]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12 272384]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-06-29 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-06-30 175560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-12-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#9 Post by Rudy »

Deleted. The log should now be OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Arbeidar
Visitor
Posts: 6
Registered: 30 Jul 2017 17:05

Re: Preventive check

#10 Post by Arbeidar »

Rudy wrote: Deleted. The log should now be OK.
Thank you very much. You are great.

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#11 Post by Rudy »

You're welcome! :)

Locked