
Please check my log, thank you


#1 Post by singels »

Logfile of random's system information tool 1.10 (written by random/random)
Run by jozef at 2017-11-26 14:13:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 100 GB (50%) free of 200 GB
Total RAM: 4008 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:13:21, on 26/11/2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Games\World_of_Tanks\WargamingGameUpdater.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
C:\Windows\AsScrPro.exe
C:\ProgramData\FLEXnet\Connect\11\agent.exe
C:\Program Files\trend micro\jozef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Google Update] C:\Users\jozef\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [HP ENVY 4520 series (NET)] "C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH72D4C0Z90660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_548CB0A9FE898146E2A2262CF1252283] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9879 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
C:\Windows\system32\WLANExt.exe 3961936
\??\C:\Windows\system32\conhost.exe "798012490-285601186211880827213183185821351932083-15909179481928367875-1714605622
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
WLIDSvcM.exe 1948
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH72D4C0Z90660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\jozef\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\jozef\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.94 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fef89227e8,0x7fef89227a8,0x7fef89227b8
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3148 --on-initialized-event-handle=304 --parent-handle=308 /prefetch:6
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1168,1365501828231553142,10557899763490899418,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --gpu-driver-date=1-29-2014 --service-request-channel-token=8DDEAD0BF0F4523486EF9949C49C2CEB --mojo-platform-channel-handle=1188 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1168,1365501828231553142,10557899763490899418,131072 --service-pipe-token=51DE1D69A45E5B0F729657581FBA2EC9 --lang=en-US --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=51DE1D69A45E5B0F729657581FBA2EC9 --renderer-client-id=4 --mojo-platform-channel-handle=1908 /prefetch:1
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4856.0.1193872706\2042841791" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\jozef\AppData\LocalLow\Mozilla\Temp-{36626167-ae48-48a6-814b-723e34efa9c0}" 4856 "\\.\pipe\gecko-crash-server-pipe.4856" gpu
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
C:\ProgramData\FLEXnet\Connect\11\agent.exe -Embedding
taskeng.exe {43BCE990-55FA-4CAC-8F89-6D41CBB2CF84}
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose

C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\jozef\Downloads\RSITx64(1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\ASUS SmartLogon Console Sensor.job - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d04080b0447d36.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0911eb006940c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0e1ee6e32ba3.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core.job - C:\Users\jozef\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core1cfffa35c597c6b.job - C:\Users\jozef\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core1d0bf895638c935.job - C:\Users\jozef\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core1d0e1eb9f97bbf4.job - C:\Users\jozef\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core1d0f19a6ccc5938.job - C:\Users\jozef\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000UA.job - C:\Users\jozef\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000UA1cfffa35c937831.job - C:\Users\jozef\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\update-S-1-5-21-3464270760-706860917-2697403592-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

=========Mozilla firefox=========

ProfilePath - C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\eqn91qsb.default-1399121243943

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@oberon-media.com/ONCAdapter]
"Description"=Oberon com adapter plugin
"Path"=C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-01 2189416]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-13 2587944]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"Google Update"=C:\Users\jozef\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [2017-11-13 601680]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-10-18 10021040]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe [2017-02-28 3135752]
"Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2012-11-13 3713032]
"HP ENVY 4520 series (NET)"=C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [2017-04-06 3770504]
"GoogleChromeAutoLaunch_548CB0A9FE898146E2A2262CF1252283"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-11-10 1556312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-11-15 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-13 2018032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-04 11780712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE /start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-11-15 12862]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21 5716608]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2016-07-11 225944]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-26 14:08:14 ----D---- C:\rsit
2017-11-26 14:08:14 ----D---- C:\Program Files\trend micro
2017-11-16 14:13:18 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2017-11-16 14:13:10 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-11-16 14:13:10 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-11-16 14:13:03 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-11-16 14:12:30 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-11-16 14:12:21 ----A---- C:\Windows\system32\drivers\mbae64.sys
2017-11-16 14:12:06 ----D---- C:\ProgramData\MB3CoreBackup
2017-11-15 12:40:18 ----A---- C:\Windows\system32\mshtml.dll
2017-11-15 12:40:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-11-15 12:40:16 ----A---- C:\Windows\system32\ieframe.dll
2017-11-15 12:40:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-11-15 12:40:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-11-15 12:40:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-11-15 12:40:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-11-15 12:40:14 ----A---- C:\Windows\system32\wininet.dll
2017-11-15 12:40:14 ----A---- C:\Windows\system32\jscript9.dll
2017-11-15 12:40:14 ----A---- C:\Windows\system32\iertutil.dll
2017-11-15 12:40:13 ----A---- C:\Windows\system32\win32k.sys
2017-11-15 12:40:11 ----A---- C:\Windows\system32\urlmon.dll
2017-11-15 12:40:10 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-11-15 12:40:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-11-15 12:40:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-11-15 12:40:10 ----A---- C:\Windows\system32\wmp.dll
2017-11-15 12:40:10 ----A---- C:\Windows\system32\jscript.dll
2017-11-15 12:40:10 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-11-15 12:40:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-11-15 12:40:09 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-11-15 12:40:09 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-11-15 12:40:09 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-15 12:40:09 ----A---- C:\Windows\system32\tquery.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\vbscript.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\t2embed.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\Query.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-15 12:40:08 ----A---- C:\Windows\system32\msfeeds.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\iedkcs32.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-11-15 12:40:07 ----A---- C:\Windows\system32\atmfd.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\webcheck.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\ie4uinit.exe
2017-11-15 12:40:06 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-11-15 12:40:06 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-11-15 12:40:06 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\mssvp.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\mssrch.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\mssph.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\mshtmled.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\ieui.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\dxtrans.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\dxtmsft.dll
2017-11-15 12:40:04 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-11-15 12:40:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-11-15 12:40:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-11-15 12:40:04 ----A---- C:\Windows\system32\occache.dll
2017-11-15 12:40:04 ----A---- C:\Windows\system32\msrating.dll
2017-11-15 12:40:04 ----A---- C:\Windows\system32\jsproxy.dll
2017-11-15 12:40:04 ----A---- C:\Windows\system32\jscript9diag.dll
2017-11-15 12:40:03 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-11-15 12:40:02 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-11-15 12:40:02 ----A---- C:\Windows\system32\mssprxy.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\mssphtb.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\mssitlb.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\lpk.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\inseng.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\ieUnatt.exe
2017-11-15 12:40:02 ----A---- C:\Windows\system32\iesetup.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\spwmp.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-11-15 12:40:01 ----A---- C:\Windows\system32\msshooks.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\msscntrs.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\iernonce.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-11-15 12:40:01 ----A---- C:\Windows\system32\fontsub.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\dxmasf.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\dciman32.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-11-15 12:40:00 ----A---- C:\Windows\system32\wmploc.DLL
2017-11-15 12:40:00 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-11-15 12:40:00 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-11-15 12:40:00 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-11-15 12:40:00 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-11-15 12:40:00 ----A---- C:\Windows\system32\atmlib.dll
2017-11-15 12:39:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\invagent.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\generaltel.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\devinv.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-15 12:38:22 ----A---- C:\Windows\system32\centel.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\appraiser.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-15 12:38:22 ----A---- C:\Windows\system32\aepic.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\aeinv.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\acmigration.dll
2017-11-08 16:35:04 ----D---- C:\Program Files\Malwarebytes
2017-11-08 16:34:54 ----D---- C:\ProgramData\MB2Migration
2017-11-02 11:11:22 ----D---- C:\Users\jozef\AppData\Roaming\HPPSDr

======List of files/folders modified in the last 1 month======

2017-11-26 14:13:19 ----D---- C:\Windows\Prefetch
2017-11-26 14:13:14 ----D---- C:\Windows\Temp
2017-11-26 14:08:14 ----RD---- C:\Program Files
2017-11-26 13:57:41 ----D---- C:\Windows\tracing
2017-11-25 21:02:51 ----D---- C:\Windows\system32\config
2017-11-25 16:22:22 ----A---- C:\Windows\SYSWOW64\log.txt
2017-11-25 16:20:26 ----D---- C:\Windows\system32\drivers
2017-11-21 06:24:18 ----SHD---- C:\System Volume Information
2017-11-17 00:49:46 ----D---- C:\Users\jozef\AppData\Roaming\Mozilla
2017-11-17 00:43:50 ----D---- C:\Windows
2017-11-17 00:43:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-11-16 14:12:28 ----HD---- C:\ProgramData
2017-11-16 13:04:56 ----D---- C:\Windows\rescache
2017-11-16 12:42:36 ----D---- C:\Windows\Microsoft.NET
2017-11-16 07:03:55 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-16 06:58:52 ----D---- C:\Windows\winsxs
2017-11-16 06:54:02 ----D---- C:\Program Files\Internet Explorer
2017-11-16 06:54:01 ----D---- C:\Program Files\Windows Media Player
2017-11-16 06:54:01 ----D---- C:\Program Files (x86)\Windows Media Player
2017-11-16 06:54:01 ----D---- C:\Program Files (x86)\Internet Explorer
2017-11-16 06:54:00 ----D---- C:\Windows\SYSWOW64\migration
2017-11-16 06:54:00 ----D---- C:\Windows\SYSWOW64\en-US
2017-11-16 06:54:00 ----D---- C:\Windows\SysWOW64
2017-11-16 06:53:57 ----D---- C:\Windows\system32\migration
2017-11-16 06:53:57 ----D---- C:\Windows\system32\en-US
2017-11-16 06:53:57 ----D---- C:\Windows\system32\drivers\en-US
2017-11-16 06:53:56 ----D---- C:\Windows\System32
2017-11-16 06:53:48 ----D---- C:\Windows\system32\appraiser
2017-11-16 06:53:47 ----D---- C:\Windows\AppPatch
2017-11-16 06:53:44 ----D---- C:\Windows\system32\DriverStore
2017-11-16 06:53:31 ----D---- C:\Windows\inf
2017-11-15 17:18:32 ----SHD---- C:\Windows\Installer
2017-11-15 17:15:59 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-11-15 17:15:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-15 12:36:04 ----D---- C:\Windows\system32\catroot2
2017-11-14 17:12:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-11-14 17:12:11 ----D---- C:\Windows\system32\Macromed
2017-11-14 17:12:10 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-14 11:48:25 ----D---- C:\Games
2017-11-14 11:19:48 ----D---- C:\Program Files\CCleaner
2017-11-14 11:19:22 ----D---- C:\Windows\system32\Tasks
2017-11-14 11:01:05 ----D---- C:\Program Files (x86)\Common Files
2017-11-14 10:55:16 ----RD---- C:\Program Files (x86)
2017-11-14 10:53:50 ----D---- C:\Users\jozef\AppData\Roaming\Seznam.cz
2017-11-14 10:53:21 ----D---- C:\Program Files (x86)\Seznam.cz
2017-11-08 16:35:05 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-11-08 16:35:04 ----D---- C:\ProgramData\Malwarebytes
2017-11-02 11:11:54 ----D---- C:\ProgramData\HP
2017-11-02 11:10:42 ----D---- C:\Program Files (x86)\HP
2017-11-01 09:17:41 ----D---- C:\Users\jozef\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-11-01 77432]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2017-11-20 193464]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-08 2795880]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-11-25 253880]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2016-05-06 49584]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-12-13 116864]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2008-12-30 116224]
S3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-11-22 110016]
S3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2017-11-22 46008]
S3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-11-22 84256]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2014-04-28 16152]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 6234056]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-14 272384]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-12 194000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-18 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118244
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a log check, thank you

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

singels
Visitor
Posts: 47
Joined: 30 Nov 2010 23:11

Re: Requesting a log check, thank you

#3 Post by singels »

# AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 30 12:47:00 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-29-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Rudy
Site Admin
Posts: 118244
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a log check, thank you

#4 Post by Rudy »

This is OK. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d04080b0447d36.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0911eb006940c.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0e1ee6e32ba3.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core1cfffa35c597c6b.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core1d0bf895638c935.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core1d0e1eb9f97bbf4.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000Core1d0f19a6ccc5938.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3464270760-706860917-2697403592-1000UA1cfffa35c937831.job

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
singels
Visitor
Posts: 47
Registered: 30 Nov 2010 23:11

Re: Requesting a log check, thank you

#5 Post by singels »

Logfile of random's system information tool 1.10 (written by random/random)
Run by jozef at 2017-11-30 19:27:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 101 GB (50%) free of 200 GB
Total RAM: 4008 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:27:54, on 30/11/2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Windows\AsScrPro.exe
C:\Program Files\trend micro\jozef.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [HP ENVY 4520 series (NET)] "C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH72D4C0Z90660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8065 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
C:\Windows\system32\WLANExt.exe 4521040
\??\C:\Windows\system32\conhost.exe "-651595425104337045130308034601025288195464131-860882795817711009-444781849
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {8C5379DF-909E-4677-9C72-C6EBC5BBA3F6}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1892
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH72D4C0Z90660:NW" -scfn "HP ENVY 4520 series (NET)" -AutoStart 1
taskeng.exe {C19CC5B1-86CB-4631-84BF-A55D96050E4A}
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\ESET\ESET Security\egui.exe" /hide
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\AsScrPro.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1308.0.1027184581\982606279" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" "C:\Users\jozef\AppData\LocalLow\Mozilla\Temp-{4fa32469-446e-4bb9-8455-57b1b8f3955a}" 1308 "\\.\pipe\gecko-crash-server-pipe.1308" gpu
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\jozef\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

=========Mozilla firefox=========

ProfilePath - C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\7tc4cl94.default-1399121243943-1511791564062

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@oberon-media.com/ONCAdapter]
"Description"=Oberon com adapter plugin
"Path"=C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-01 2189416]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-08-11 324096]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-13 2587944]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2017-11-02 323328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-10-18 10021040]
"HP ENVY 4520 series (NET)"=C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [2017-04-06 3770504]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-10-10 27832264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-11-15 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2011-04-13 2018032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-04 11780712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
C:\PROGRA~2\ASUS\AsusVibe\ASUSVI~2.EXE /start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-11-15 12862]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21 5716608]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\System32\igfxdev.dll [2014-01-29 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-30 19:27:41 ----D---- C:\rsit
2017-11-30 19:20:47 ----D---- C:\_OTM
2017-11-30 12:44:34 ----D---- C:\AdwCleaner
2017-11-28 11:21:23 ----D---- C:\Users\jozef\AppData\Roaming\Skype
2017-11-28 11:20:12 ----RD---- C:\Program Files (x86)\Skype
2017-11-28 11:19:59 ----D---- C:\ProgramData\Skype
2017-11-28 11:18:50 ----SD---- C:\Windows\SYSWOW64\Microsoft
2017-11-28 11:15:05 ----D---- C:\ProgramData\Package Cache
2017-11-27 14:36:18 ----D---- C:\ProgramData\ESET
2017-11-27 14:36:18 ----D---- C:\Program Files\ESET
2017-11-27 14:19:03 ----A---- C:\DelFix.txt
2017-11-27 14:15:20 ----A---- C:\Windows\system32\FNTCACHE.DAT
2017-11-27 13:07:35 ----D---- C:\Users\jozef\AppData\Roaming\TeamViewer
2017-11-26 14:08:14 ----D---- C:\Program Files\trend micro
2017-11-16 14:12:06 ----D---- C:\ProgramData\MB3CoreBackup
2017-11-15 12:40:18 ----A---- C:\Windows\system32\mshtml.dll
2017-11-15 12:40:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-11-15 12:40:16 ----A---- C:\Windows\system32\ieframe.dll
2017-11-15 12:40:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-11-15 12:40:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-11-15 12:40:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-11-15 12:40:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-11-15 12:40:14 ----A---- C:\Windows\system32\wininet.dll
2017-11-15 12:40:14 ----A---- C:\Windows\system32\jscript9.dll
2017-11-15 12:40:14 ----A---- C:\Windows\system32\iertutil.dll
2017-11-15 12:40:13 ----A---- C:\Windows\system32\win32k.sys
2017-11-15 12:40:11 ----A---- C:\Windows\system32\urlmon.dll
2017-11-15 12:40:10 ----A---- C:\Windows\SYSWOW64\wmp.dll
2017-11-15 12:40:10 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-11-15 12:40:10 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-11-15 12:40:10 ----A---- C:\Windows\system32\wmp.dll
2017-11-15 12:40:10 ----A---- C:\Windows\system32\jscript.dll
2017-11-15 12:40:10 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-11-15 12:40:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-11-15 12:40:09 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-11-15 12:40:09 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-11-15 12:40:09 ----A---- C:\Windows\system32\ucrtbase.dll
2017-11-15 12:40:09 ----A---- C:\Windows\system32\tquery.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-11-15 12:40:08 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\vbscript.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\t2embed.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\Query.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-15 12:40:08 ----A---- C:\Windows\system32\msfeeds.dll
2017-11-15 12:40:08 ----A---- C:\Windows\system32\iedkcs32.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\drivers\usbhub.sys
2017-11-15 12:40:07 ----A---- C:\Windows\system32\atmfd.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-15 12:40:07 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\webcheck.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\ie4uinit.exe
2017-11-15 12:40:06 ----A---- C:\Windows\system32\drivers\usbport.sys
2017-11-15 12:40:06 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2017-11-15 12:40:06 ----A---- C:\Windows\system32\drivers\luafv.sys
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-15 12:40:06 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\mssvp.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\mssrch.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\mssph.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\mshtmled.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\ieui.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\ieapfltr.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\dxtrans.dll
2017-11-15 12:40:05 ----A---- C:\Windows\system32\dxtmsft.dll
2017-11-15 12:40:04 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-11-15 12:40:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-11-15 12:40:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-11-15 12:40:04 ----A---- C:\Windows\system32\occache.dll
2017-11-15 12:40:04 ----A---- C:\Windows\system32\msrating.dll
2017-11-15 12:40:04 ----A---- C:\Windows\system32\jsproxy.dll
2017-11-15 12:40:04 ----A---- C:\Windows\system32\jscript9diag.dll
2017-11-15 12:40:03 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-11-15 12:40:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-11-15 12:40:02 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-11-15 12:40:02 ----A---- C:\Windows\system32\mssprxy.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\mssphtb.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\mssitlb.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\lpk.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\inseng.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\ieUnatt.exe
2017-11-15 12:40:02 ----A---- C:\Windows\system32\iesetup.dll
2017-11-15 12:40:02 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-11-15 12:40:01 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\spwmp.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-11-15 12:40:01 ----A---- C:\Windows\system32\msshooks.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\msscntrs.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\iernonce.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-11-15 12:40:01 ----A---- C:\Windows\system32\fontsub.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\dxmasf.dll
2017-11-15 12:40:01 ----A---- C:\Windows\system32\dciman32.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-11-15 12:40:00 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-11-15 12:40:00 ----A---- C:\Windows\system32\wmploc.DLL
2017-11-15 12:40:00 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2017-11-15 12:40:00 ----A---- C:\Windows\system32\drivers\usbohci.sys
2017-11-15 12:40:00 ----A---- C:\Windows\system32\drivers\usbehci.sys
2017-11-15 12:40:00 ----A---- C:\Windows\system32\drivers\usbd.sys
2017-11-15 12:40:00 ----A---- C:\Windows\system32\atmlib.dll
2017-11-15 12:39:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\invagent.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\generaltel.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\devinv.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-11-15 12:38:22 ----A---- C:\Windows\system32\centel.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\appraiser.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\aitstatic.exe
2017-11-15 12:38:22 ----A---- C:\Windows\system32\aepic.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\aeinv.dll
2017-11-15 12:38:22 ----A---- C:\Windows\system32\acmigration.dll
2017-11-08 16:35:04 ----D---- C:\Program Files\Malwarebytes
2017-11-08 16:34:54 ----D---- C:\ProgramData\MB2Migration
2017-11-02 11:11:22 ----D---- C:\Users\jozef\AppData\Roaming\HPPSDr
2017-11-02 09:02:26 ----A---- C:\Windows\system32\drivers\eamonm.sys

======List of files/folders modified in the last 1 month======

2017-11-30 19:27:54 ----D---- C:\Windows\Prefetch
2017-11-30 19:27:49 ----D---- C:\Windows\Temp
2017-11-30 19:26:13 ----A---- C:\Windows\SYSWOW64\log.txt
2017-11-30 19:24:13 ----D---- C:\Windows\system32\config
2017-11-30 19:24:09 ----D---- C:\Windows\tracing
2017-11-30 12:57:55 ----RD---- C:\Program Files (x86)
2017-11-30 12:57:52 ----D---- C:\Windows
2017-11-30 12:57:48 ----D---- C:\Windows\system32\DriverStore
2017-11-30 12:57:48 ----D---- C:\Windows\inf
2017-11-30 12:57:43 ----D---- C:\Windows\system32\drivers
2017-11-30 12:56:17 ----D---- C:\Users\jozef\AppData\Roaming\Seznam.cz
2017-11-30 07:04:11 ----SHD---- C:\Windows\Installer
2017-11-30 06:59:43 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-11-30 06:59:43 ----A---- C:\Windows\system32\AutoRunFilter.ini
2017-11-28 11:20:13 ----D---- C:\Program Files (x86)\Common Files
2017-11-28 11:19:59 ----HD---- C:\ProgramData
2017-11-28 11:18:50 ----D---- C:\Windows\SysWOW64
2017-11-28 11:18:37 ----D---- C:\Program Files (x86)\Seznam.cz
2017-11-28 11:14:59 ----SHD---- C:\System Volume Information
2017-11-27 15:50:08 ----D---- C:\Windows\System32
2017-11-27 15:50:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-27 14:52:48 ----D---- C:\Windows\system32\MRT
2017-11-27 14:47:54 ----D---- C:\Windows\debug
2017-11-27 14:47:46 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-11-27 14:47:23 ----AC---- C:\Windows\system32\MRT.exe
2017-11-27 14:36:18 ----RD---- C:\Program Files
2017-11-27 14:13:53 ----D---- C:\Windows\system32\Tasks
2017-11-27 14:13:52 ----D---- C:\Windows\Tasks
2017-11-27 14:13:52 ----D---- C:\Windows\system32\drivers\etc
2017-11-27 13:52:12 ----D---- C:\ProgramData\Malwarebytes
2017-11-27 13:47:07 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-11-27 13:46:05 ----SD---- C:\ProgramData\Microsoft
2017-11-17 00:49:46 ----D---- C:\Users\jozef\AppData\Roaming\Mozilla
2017-11-17 00:43:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-11-16 13:04:56 ----D---- C:\Windows\rescache
2017-11-16 12:42:36 ----D---- C:\Windows\Microsoft.NET
2017-11-16 07:03:55 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-16 06:58:52 ----D---- C:\Windows\winsxs
2017-11-16 06:54:02 ----D---- C:\Program Files\Internet Explorer
2017-11-16 06:54:01 ----D---- C:\Program Files\Windows Media Player
2017-11-16 06:54:01 ----D---- C:\Program Files (x86)\Windows Media Player
2017-11-16 06:54:01 ----D---- C:\Program Files (x86)\Internet Explorer
2017-11-16 06:54:00 ----D---- C:\Windows\SYSWOW64\migration
2017-11-16 06:54:00 ----D---- C:\Windows\SYSWOW64\en-US
2017-11-16 06:53:57 ----D---- C:\Windows\system32\migration
2017-11-16 06:53:57 ----D---- C:\Windows\system32\en-US
2017-11-16 06:53:57 ----D---- C:\Windows\system32\drivers\en-US
2017-11-16 06:53:48 ----D---- C:\Windows\system32\appraiser
2017-11-16 06:53:47 ----D---- C:\Windows\AppPatch
2017-11-15 17:15:59 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-11-15 12:36:04 ----D---- C:\Windows\system32\catroot2
2017-11-14 17:12:16 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-11-14 17:12:11 ----D---- C:\Windows\system32\Macromed
2017-11-14 17:12:10 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-14 11:48:25 ----D---- C:\Games
2017-11-14 11:19:48 ----D---- C:\Program Files\CCleaner
2017-11-08 16:35:05 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-11-02 11:11:54 ----D---- C:\ProgramData\HP
2017-11-02 11:10:42 ----D---- C:\Program Files (x86)\HP
2017-11-01 09:17:41 ----D---- C:\Users\jozef\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-11-02 133856]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-10-09 180088]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-09-19 106312]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-13 138024]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-08 2795880]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-11-30 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2017-11-02 1932336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-11-12 194000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-07-18 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118244
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a log check, thank you

#6 Post by Rudy »

Deleted. The log should be OK now.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

singels
Visitor
Posts: 47
Joined: 30 Nov 2010 23:11

Re: Requesting a log check, thank you

#7 Post by singels »

Wow... that's great, thank you very much.

Rudy
Site Admin
Posts: 118244
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a log check, thank you

#8 Post by Rudy »

You're welcome! :)