
ESET reports a virus
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, I would like to ask for a check of my log; ESET reported a Trojan horse to me today.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Matus at 2015-04-27 20:43:36
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 26 GB (20%) free of 131 GB
Total RAM: 3069 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:46, on 27. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
D:\Program Files (x86)\Adobe Photoshop CS6\Photoshop.exe
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
C:\Program Files\trend micro\Matus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [f.lux] "C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6875342-0C4E-4CDB-AF03-FE2AF61E554F}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11017 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vfsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 32898176
\??\C:\Windows\system32\conhost.exe "13689774571050454107-746990086-10166466291584298288890784011430385427768839050
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\EscSvc64.exe
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2280
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>10850</ID><Title>HP Wireless Assistant</Title><Text>WLAN : On
Bluetooth(r): On</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe" /firstrunupdate 0 /TAGS:@FULL-{00564B2F-94AC-424E-AA11-D2EFE2A9DC0E}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Matus\AppData\Local\Hola\firefox\app\hola_plugin.exe" --no-root --no-kernel --workdir C:\Users\Matus\AppData\Local\Hola\firefox --firefox
C:\Windows\splwow64.exe 12288
"D:\Program Files (x86)\Adobe Photoshop CS6\Photoshop.exe"
"C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" "-launchedbycsxs"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Matus\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0408251153de1.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187
prefs.js - "browser.startup.homepage" - "www.google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187\extensions\
jid1-4P0kohSJxU1qGg@jetpack
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-05 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-05 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-21 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-21 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{31264a33-a653-46c4-af49-1232c59a7da5}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
"OscarX7Mouse5Mode"=C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarX7Mouse5Mode]
C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\Matus\AppData\Roaming\CURSEC~1\Bin\Curse.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE [2015-01-29 1115144]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
C:\Users\Matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"VIDC.TMB1"=tmb1-v64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 2 months======
2015-04-26 19:17:51 ----D---- C:\Program Files\Pale Moon
2015-04-26 17:49:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-15 09:20:19 ----SHD---- C:\Config.Msi
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 09:07:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:07:20 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 09:07:18 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:07:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 09:05:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:05:38 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 09:05:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 09:05:35 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\smss.exe
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 09:05:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 09:05:04 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 09:00:05 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-12 23:24:41 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-04-12 17:15:52 ----D---- C:\Windows\SYSWOW64\mailoutput
2015-04-12 16:42:16 ----D---- C:\xampp
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdspio.sys
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdrvio.sys
2015-04-12 12:35:34 ----A---- C:\Windows\system32\pwNative.exe
2015-04-12 12:35:04 ----D---- C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-04-10 09:09:12 ----D---- C:\ProgramData\ESET
2015-04-10 09:09:12 ----D---- C:\Program Files\ESET
2015-04-06 18:50:31 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-06 18:50:30 ----SD---- C:\Windows\system32\GWX
2015-03-31 19:50:24 ----D---- C:\Users\Matus\AppData\Roaming\ts3overlay
2015-03-31 19:47:02 ----A---- C:\Windows\SYSWOW64\tmb1-v32.dll
2015-03-31 19:47:02 ----A---- C:\Windows\system32\tmb1-v64.dll
2015-03-31 19:45:45 ----D---- C:\Users\Matus\AppData\Roaming\PlayClaw5
2015-03-31 19:44:53 ----D---- C:\Program Files (x86)\PlayClaw 5
2015-03-19 18:32:24 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-03-19 18:24:15 ----D---- C:\Program Files\Common Files\Adobe
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 14:56:29 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 14:56:28 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 14:56:27 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 14:56:27 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 14:56:25 ----A---- C:\Windows\system32\mf.dll
2015-03-11 14:56:25 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 14:56:24 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 14:56:24 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 14:56:23 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 14:56:23 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 14:56:22 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 14:56:22 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 14:56:22 ----A---- C:\Windows\system32\winload.exe
2015-03-11 14:56:22 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 14:56:16 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 14:56:15 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 14:56:15 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 14:56:15 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 14:56:15 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 14:56:14 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 14:56:14 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 14:56:14 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 14:56:14 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 14:56:14 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 14:56:14 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 14:56:11 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 14:56:10 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\evr.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 14:56:09 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 14:56:09 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 14:56:08 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 14:56:08 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 14:56:07 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 14:56:07 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 14:55:51 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 14:55:51 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 14:55:51 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 14:55:34 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 14:55:34 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 14:55:34 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 14:55:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 14:55:29 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 14:55:23 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 14:55:23 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 14:55:22 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 14:55:22 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 14:55:21 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 14:53:45 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-11 14:53:45 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\epfw.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\edevmon.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\eamonm.sys
2015-03-09 12:07:45 ----D---- C:\Users\Matus\AppData\Roaming\LG Electronics
2015-03-09 11:47:04 ----D---- C:\Program Files (x86)\LG Electronics
2015-03-09 11:04:18 ----D---- C:\Users\Matus\AppData\Roaming\ZJMedia
======List of files/folders modified in the last 2 months======
2015-04-27 20:43:46 ----D---- C:\Windows\Prefetch
2015-04-27 20:43:41 ----D---- C:\Windows\Temp
2015-04-27 20:43:40 ----D---- C:\Program Files\trend micro
2015-04-27 19:33:43 ----D---- C:\Windows\system32\config
2015-04-26 19:22:27 ----RD---- C:\Program Files
2015-04-26 18:44:51 ----RD---- C:\Program Files (x86)
2015-04-26 18:44:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 17:56:02 ----D---- C:\Users\Matus\AppData\Roaming\Dropbox
2015-04-26 09:24:23 ----D---- C:\Users\Matus\AppData\Roaming\vlc
2015-04-26 09:16:46 ----D---- C:\Windows\System32
2015-04-26 09:16:46 ----D---- C:\Windows\inf
2015-04-26 09:16:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-26 09:11:27 ----HD---- C:\ProgramData
2015-04-26 09:11:27 ----A---- C:\ProgramData\HPWALog.txt
2015-04-23 23:59:03 ----D---- C:\Users\Matus\AppData\Roaming\TS3Client
2015-04-23 11:58:48 ----D---- C:\Windows\Tasks
2015-04-23 11:58:48 ----D---- C:\Windows\system32\Tasks
2015-04-23 11:57:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 13:03:57 ----D---- C:\Windows\AppCompat
2015-04-16 12:57:52 ----D---- C:\Windows\rescache
2015-04-15 19:06:39 ----D---- C:\Windows\LiveKernelReports
2015-04-15 14:27:52 ----D---- C:\Users\Matus\AppData\Roaming\uTorrent
2015-04-15 10:42:59 ----D---- C:\Windows\Microsoft.NET
2015-04-15 10:42:08 ----RSD---- C:\Windows\assembly
2015-04-15 10:25:07 ----D---- C:\Windows\winsxs
2015-04-15 10:22:28 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 10:22:28 ----D---- C:\Windows\SysWOW64
2015-04-15 10:22:28 ----D---- C:\Windows\system32\en-US
2015-04-15 10:22:27 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 10:22:27 ----D---- C:\Windows\system32\appraiser
2015-04-15 10:22:27 ----D---- C:\Windows\AppPatch
2015-04-15 10:22:24 ----D---- C:\Windows\system32\drivers
2015-04-15 10:22:24 ----D---- C:\Program Files\Internet Explorer
2015-04-15 10:22:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 09:21:53 ----SHD---- C:\Windows\Installer
2015-04-15 09:20:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 09:18:23 ----D---- C:\Windows\system32\MRT
2015-04-15 09:10:57 ----D---- C:\Windows\debug
2015-04-15 09:10:52 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 08:58:13 ----D---- C:\Windows\system32\catroot2
2015-04-13 09:08:10 ----D---- C:\ProgramData\Blizzard Entertainment
2015-04-13 07:59:23 ----D---- C:\Windows
2015-04-12 22:44:18 ----D---- C:\Windows\system32\LogFiles
2015-04-10 09:09:26 ----D---- C:\Windows\system32\DriverStore
2015-04-08 17:31:35 ----D---- C:\Program Files (x86)\Opera
2015-04-07 11:07:25 ----D---- C:\Program Files (x86)\Battle.net
2015-04-07 09:39:01 ----D---- C:\Program Files (x86)\World of Warcraft
2015-04-06 18:50:39 ----D---- C:\Windows\Logs
2015-04-01 19:19:55 ----D---- C:\Program Files (x86)\WugFresh Development
2015-04-01 10:55:43 ----D---- C:\Program Files (x86)\Common Files
2015-03-25 14:07:27 ----D---- C:\Windows\system32\wbem
2015-03-19 19:46:16 ----D---- C:\Users\Matus\AppData\Roaming\DAEMON Tools Lite
2015-03-19 19:46:16 ----D---- C:\Users\Matus\AppData\Roaming\AIMP3
2015-03-19 19:46:16 ----D---- C:\Program Files (x86)\Steam
2015-03-19 19:18:19 ----RSD---- C:\Windows\Fonts
2015-03-19 18:38:38 ----D---- C:\Users\Matus\AppData\Roaming\Adobe
2015-03-19 18:32:25 ----D---- C:\ProgramData\Adobe
2015-03-19 18:26:48 ----D---- C:\Program Files (x86)\Adobe
2015-03-19 18:24:15 ----D---- C:\Program Files\Common Files
2015-03-11 16:19:17 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 16:19:17 ----D---- C:\Program Files\Windows Media Player
2015-03-11 16:19:17 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 16:19:16 ----D---- C:\Windows\system32\Dism
2015-03-11 16:19:15 ----D---- C:\Windows\system32\Boot
2015-03-09 10:37:31 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-03-05 14:18:20 ----D---- C:\Windows\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-28 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-09-28 3060800]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-20 140712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-12 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2014-10-10 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-10-10 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-10-10 37376]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2014-12-22 23552]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 721712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-14 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-01-06 448384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-26 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
2015-04-15 09:05:46 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 09:05:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:05:38 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 09:05:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 09:05:35 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\smss.exe
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 09:05:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 09:05:04 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 09:00:05 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-12 23:24:41 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-04-12 17:15:52 ----D---- C:\Windows\SYSWOW64\mailoutput
2015-04-12 16:42:16 ----D---- C:\xampp
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdspio.sys
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdrvio.sys
2015-04-12 12:35:34 ----A---- C:\Windows\system32\pwNative.exe
2015-04-12 12:35:04 ----D---- C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-04-10 09:09:12 ----D---- C:\ProgramData\ESET
2015-04-10 09:09:12 ----D---- C:\Program Files\ESET
2015-04-06 18:50:31 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-06 18:50:30 ----SD---- C:\Windows\system32\GWX
2015-03-31 19:50:24 ----D---- C:\Users\Matus\AppData\Roaming\ts3overlay
2015-03-31 19:47:02 ----A---- C:\Windows\SYSWOW64\tmb1-v32.dll
2015-03-31 19:47:02 ----A---- C:\Windows\system32\tmb1-v64.dll
2015-03-31 19:45:45 ----D---- C:\Users\Matus\AppData\Roaming\PlayClaw5
2015-03-31 19:44:53 ----D---- C:\Program Files (x86)\PlayClaw 5
2015-03-19 18:32:24 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-03-19 18:24:15 ----D---- C:\Program Files\Common Files\Adobe
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-11 14:56:37 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 14:56:37 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 14:56:29 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-11 14:56:28 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-11 14:56:27 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-11 14:56:27 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 14:56:25 ----A---- C:\Windows\system32\mf.dll
2015-03-11 14:56:25 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 14:56:24 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 14:56:24 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 14:56:23 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-11 14:56:23 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 14:56:22 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-11 14:56:22 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-11 14:56:22 ----A---- C:\Windows\system32\winload.exe
2015-03-11 14:56:22 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 14:56:16 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 14:56:15 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-11 14:56:15 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-11 14:56:15 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 14:56:15 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 14:56:14 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-11 14:56:14 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-11 14:56:14 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 14:56:14 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 14:56:14 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 14:56:14 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 14:56:11 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-11 14:56:10 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 14:56:10 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\evr.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 14:56:10 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 14:56:09 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 14:56:09 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 14:56:09 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 14:56:09 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 14:56:09 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 14:56:08 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-11 14:56:08 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 14:56:07 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-11 14:56:07 ----A---- C:\Windows\system32\mferror.dll
2015-03-11 14:55:51 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 14:55:51 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 14:55:51 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 14:55:34 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-11 14:55:34 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 14:55:34 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 14:55:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-11 14:55:29 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 14:55:23 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-11 14:55:23 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 14:55:22 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 14:55:22 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 14:55:21 ----A---- C:\Windows\system32\win32k.sys
2015-03-11 14:53:45 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-11 14:53:45 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\epfwwfp.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\epfw.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\ehdrv.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\edevmon.sys
2015-03-10 17:24:42 ----A---- C:\Windows\system32\drivers\eamonm.sys
2015-03-09 12:07:45 ----D---- C:\Users\Matus\AppData\Roaming\LG Electronics
2015-03-09 11:47:04 ----D---- C:\Program Files (x86)\LG Electronics
2015-03-09 11:04:18 ----D---- C:\Users\Matus\AppData\Roaming\ZJMedia
======List of files/folders modified in the last 2 months======
2015-04-27 20:43:46 ----D---- C:\Windows\Prefetch
2015-04-27 20:43:41 ----D---- C:\Windows\Temp
2015-04-27 20:43:40 ----D---- C:\Program Files\trend micro
2015-04-27 19:33:43 ----D---- C:\Windows\system32\config
2015-04-26 19:22:27 ----RD---- C:\Program Files
2015-04-26 18:44:51 ----RD---- C:\Program Files (x86)
2015-04-26 18:44:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 17:56:02 ----D---- C:\Users\Matus\AppData\Roaming\Dropbox
2015-04-26 09:24:23 ----D---- C:\Users\Matus\AppData\Roaming\vlc
2015-04-26 09:16:46 ----D---- C:\Windows\System32
2015-04-26 09:16:46 ----D---- C:\Windows\inf
2015-04-26 09:16:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-26 09:11:27 ----HD---- C:\ProgramData
2015-04-26 09:11:27 ----A---- C:\ProgramData\HPWALog.txt
2015-04-23 23:59:03 ----D---- C:\Users\Matus\AppData\Roaming\TS3Client
2015-04-23 11:58:48 ----D---- C:\Windows\Tasks
2015-04-23 11:58:48 ----D---- C:\Windows\system32\Tasks
2015-04-23 11:57:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 13:03:57 ----D---- C:\Windows\AppCompat
2015-04-16 12:57:52 ----D---- C:\Windows\rescache
2015-04-15 19:06:39 ----D---- C:\Windows\LiveKernelReports
2015-04-15 14:27:52 ----D---- C:\Users\Matus\AppData\Roaming\uTorrent
2015-04-15 10:42:59 ----D---- C:\Windows\Microsoft.NET
2015-04-15 10:42:08 ----RSD---- C:\Windows\assembly
2015-04-15 10:25:07 ----D---- C:\Windows\winsxs
2015-04-15 10:22:28 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 10:22:28 ----D---- C:\Windows\SysWOW64
2015-04-15 10:22:28 ----D---- C:\Windows\system32\en-US
2015-04-15 10:22:27 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 10:22:27 ----D---- C:\Windows\system32\appraiser
2015-04-15 10:22:27 ----D---- C:\Windows\AppPatch
2015-04-15 10:22:24 ----D---- C:\Windows\system32\drivers
2015-04-15 10:22:24 ----D---- C:\Program Files\Internet Explorer
2015-04-15 10:22:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 09:21:53 ----SHD---- C:\Windows\Installer
2015-04-15 09:20:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 09:18:23 ----D---- C:\Windows\system32\MRT
2015-04-15 09:10:57 ----D---- C:\Windows\debug
2015-04-15 09:10:52 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 08:58:13 ----D---- C:\Windows\system32\catroot2
2015-04-13 09:08:10 ----D---- C:\ProgramData\Blizzard Entertainment
2015-04-13 07:59:23 ----D---- C:\Windows
2015-04-12 22:44:18 ----D---- C:\Windows\system32\LogFiles
2015-04-10 09:09:26 ----D---- C:\Windows\system32\DriverStore
2015-04-08 17:31:35 ----D---- C:\Program Files (x86)\Opera
2015-04-07 11:07:25 ----D---- C:\Program Files (x86)\Battle.net
2015-04-07 09:39:01 ----D---- C:\Program Files (x86)\World of Warcraft
2015-04-06 18:50:39 ----D---- C:\Windows\Logs
2015-04-01 19:19:55 ----D---- C:\Program Files (x86)\WugFresh Development
2015-04-01 10:55:43 ----D---- C:\Program Files (x86)\Common Files
2015-03-25 14:07:27 ----D---- C:\Windows\system32\wbem
2015-03-19 19:46:16 ----D---- C:\Users\Matus\AppData\Roaming\DAEMON Tools Lite
2015-03-19 19:46:16 ----D---- C:\Users\Matus\AppData\Roaming\AIMP3
2015-03-19 19:46:16 ----D---- C:\Program Files (x86)\Steam
2015-03-19 19:18:19 ----RSD---- C:\Windows\Fonts
2015-03-19 18:38:38 ----D---- C:\Users\Matus\AppData\Roaming\Adobe
2015-03-19 18:32:25 ----D---- C:\ProgramData\Adobe
2015-03-19 18:26:48 ----D---- C:\Program Files (x86)\Adobe
2015-03-19 18:24:15 ----D---- C:\Program Files\Common Files
2015-03-11 16:19:17 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-11 16:19:17 ----D---- C:\Program Files\Windows Media Player
2015-03-11 16:19:17 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-11 16:19:16 ----D---- C:\Windows\system32\Dism
2015-03-11 16:19:15 ----D---- C:\Windows\system32\Boot
2015-03-09 10:37:31 ----D---- C:\ProgramData\DAEMON Tools Lite
2015-03-05 14:18:20 ----D---- C:\Windows\Minidump
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-28 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-09-28 3060800]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-20 140712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-12 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2014-10-10 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-10-10 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-10-10 37376]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2014-12-22 23552]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 721712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-14 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-01-06 448384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-26 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: ESET reports a virus
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: ESET reports a virus
# AdwCleaner v4.202 - Logfile created 27/04/2015 at 21:52:36
# Updated 23/04/2015 by Xplode
# Database : 2015-04-27.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Matus - MATUS-NTB
# Running from : C:\Users\Matus\Desktop\adwcleaner_4.202.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Tbccint
Folder Deleted : C:\Program Files (x86)\Tbccint
Folder Deleted : C:\Users\Matus\AppData\Local\Tbccint
Folder Deleted : C:\Users\Matus\AppData\Local\Hola
Folder Deleted : C:\Users\Matus\AppData\LocalLow\Tbccint
Folder Deleted : C:\Users\Matus\AppData\LocalLow\BS_Player_ControlBar_B
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C3EAF88D-9CE9-401B-BD76-8466F10C6949}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Tbccint
Key Deleted : HKCU\Software\Tbccint_HKLM
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
Key Deleted : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
Key Deleted : HKLM\SOFTWARE\Conduit
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 sk)
-\\ Pale Moon v
-\\ Google Chrome v42.0.2311.90
-\\ Opera v28.0.1750.51
*************************
AdwCleaner[R0].txt - [2553 bytes] - [27/04/2015 21:50:29]
AdwCleaner[S0].txt - [2281 bytes] - [27/04/2015 21:52:36]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2340 bytes] ##########
- Rudy
- Site Admin

Re: ESET reports a virus
Post a new RSIT log.
Re: ESET reports a virus
Logfile of random's system information tool 1.10 (written by random/random)
Run by Matus at 2015-04-28 18:06:26
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (19%) free of 131 GB
Total RAM: 3069 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:06:27, on 28. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Program Files\trend micro\Matus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [f.lux] "C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6875342-0C4E-4CDB-AF03-FE2AF61E554F}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11113 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vfsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 29428368
\??\C:\Windows\system32\conhost.exe "7433233615030576611450812861416870767-1634660479-2740991-531696861-760624016
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2256
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>28724</ID><Title>HP Wireless Assistant</Title><Text>WLAN : On
Bluetooth(r): On</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Matus\AppData\Local\Hola\firefox\app\hola_plugin.exe" --no-root --no-kernel --workdir C:\Users\Matus\AppData\Local\Hola\firefox --firefox
"C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe"
"taskhost.exe"
"C:/Riot Games/League of Legends/RADS/projects/lol_air_client/releases/0.0.1.140/deploy/LolClient.exe" -runtime .\ -nodebug META-INF\AIR\application.xml .\ -- 8393
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6356.1b4dc8b0.626733717 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6356 "\\.\pipe\gecko-crash-server-pipe.6356" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe" --proxy-stub-channel=Flash6064.5DC1AF38.12732 --host-broker-channel=Flash6064.5DC1AF38.4478 --host-pid=6064 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe" --channel=5536.003BF200.1938079035 --proxy-stub-channel=Flash6064.5DC1AF38.12732 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll" --host-npapi-version=28 --type=renderer
"C:\Users\Matus\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0408251153de1.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187
prefs.js - "browser.startup.homepage" - "www.google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187\extensions\
jid1-4P0kohSJxU1qGg@jetpack
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-05 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-05 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-21 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-21 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
"OscarX7Mouse5Mode"=C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarX7Mouse5Mode]
C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\Matus\AppData\Roaming\CURSEC~1\Bin\Curse.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE [2015-01-29 1115144]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
C:\Users\Matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"VIDC.TMB1"=tmb1-v64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-26 19:17:51 ----D---- C:\Program Files\Pale Moon
2015-04-26 17:49:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-15 09:20:19 ----SHD---- C:\Config.Msi
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 09:07:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:07:20 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 09:07:18 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:07:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 09:05:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:05:38 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 09:05:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 09:05:35 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\smss.exe
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 09:05:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 09:05:04 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 09:00:05 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-12 23:24:41 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-04-12 17:15:52 ----D---- C:\Windows\SYSWOW64\mailoutput
2015-04-12 16:42:16 ----D---- C:\xampp
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdspio.sys
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdrvio.sys
2015-04-12 12:35:34 ----A---- C:\Windows\system32\pwNative.exe
2015-04-12 12:35:04 ----D---- C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-04-10 09:09:12 ----D---- C:\ProgramData\ESET
2015-04-10 09:09:12 ----D---- C:\Program Files\ESET
2015-04-06 18:50:31 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-06 18:50:30 ----SD---- C:\Windows\system32\GWX
2015-03-31 19:50:24 ----D---- C:\Users\Matus\AppData\Roaming\ts3overlay
2015-03-31 19:47:02 ----A---- C:\Windows\SYSWOW64\tmb1-v32.dll
2015-03-31 19:47:02 ----A---- C:\Windows\system32\tmb1-v64.dll
2015-03-31 19:45:45 ----D---- C:\Users\Matus\AppData\Roaming\PlayClaw5
2015-03-31 19:44:53 ----D---- C:\Program Files (x86)\PlayClaw 5
======List of files/folders modified in the last 1 month======
2015-04-28 18:06:27 ----D---- C:\Program Files\trend micro
2015-04-28 18:06:26 ----D---- C:\Windows\Temp
2015-04-28 17:56:06 ----D---- C:\Windows\Prefetch
2015-04-28 17:55:43 ----D---- C:\Users\Matus\AppData\Roaming\vlc
2015-04-28 17:33:04 ----D---- C:\Program Files (x86)\Opera
2015-04-28 17:33:03 ----D---- C:\Windows\system32\Tasks
2015-04-28 17:06:51 ----D---- C:\Users\Matus\AppData\Roaming\uTorrent
2015-04-28 10:07:24 ----D---- C:\Windows\system32\config
2015-04-27 22:58:34 ----D---- C:\Users\Matus\AppData\Roaming\Dropbox
2015-04-27 22:58:17 ----A---- C:\ProgramData\HPWALog.txt
2015-04-27 22:58:16 ----HD---- C:\ProgramData
2015-04-27 22:00:32 ----D---- C:\Windows\System32
2015-04-27 22:00:32 ----D---- C:\Windows\inf
2015-04-27 22:00:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-27 21:54:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 21:52:57 ----D---- C:\AdwCleaner
2015-04-27 21:52:37 ----RD---- C:\Program Files (x86)
2015-04-26 19:22:27 ----RD---- C:\Program Files
2015-04-23 23:59:03 ----D---- C:\Users\Matus\AppData\Roaming\TS3Client
2015-04-23 11:58:48 ----D---- C:\Windows\Tasks
2015-04-23 11:57:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 13:03:57 ----D---- C:\Windows\AppCompat
2015-04-16 12:57:52 ----D---- C:\Windows\rescache
2015-04-15 19:06:39 ----D---- C:\Windows\LiveKernelReports
2015-04-15 10:42:59 ----D---- C:\Windows\Microsoft.NET
2015-04-15 10:42:08 ----RSD---- C:\Windows\assembly
2015-04-15 10:25:07 ----D---- C:\Windows\winsxs
2015-04-15 10:22:28 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 10:22:28 ----D---- C:\Windows\SysWOW64
2015-04-15 10:22:28 ----D---- C:\Windows\system32\en-US
2015-04-15 10:22:27 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 10:22:27 ----D---- C:\Windows\system32\appraiser
2015-04-15 10:22:27 ----D---- C:\Windows\AppPatch
2015-04-15 10:22:24 ----D---- C:\Windows\system32\drivers
2015-04-15 10:22:24 ----D---- C:\Program Files\Internet Explorer
2015-04-15 10:22:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 09:21:53 ----SHD---- C:\Windows\Installer
2015-04-15 09:20:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 09:18:23 ----D---- C:\Windows\system32\MRT
2015-04-15 09:10:57 ----D---- C:\Windows\debug
2015-04-15 09:10:52 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 08:58:13 ----D---- C:\Windows\system32\catroot2
2015-04-13 09:08:10 ----D---- C:\ProgramData\Blizzard Entertainment
2015-04-13 07:59:23 ----D---- C:\Windows
2015-04-12 22:44:18 ----D---- C:\Windows\system32\LogFiles
2015-04-10 09:09:26 ----D---- C:\Windows\system32\DriverStore
2015-04-07 11:07:25 ----D---- C:\Program Files (x86)\Battle.net
2015-04-07 09:39:01 ----D---- C:\Program Files (x86)\World of Warcraft
2015-04-06 18:50:39 ----D---- C:\Windows\Logs
2015-04-01 19:19:55 ----D---- C:\Program Files (x86)\WugFresh Development
2015-04-01 10:55:43 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-28 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-09-28 3060800]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-20 140712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-12 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2014-10-10 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-10-10 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-10-10 37376]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2014-12-22 23552]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 721712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-14 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-01-06 448384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-26 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by Matus at 2015-04-28 18:06:26
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (19%) free of 131 GB
Total RAM: 3069 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:06:27, on 28. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.140\deploy\LolClient.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
C:\Program Files\trend micro\Matus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [f.lux] "C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6875342-0C4E-4CDB-AF03-FE2AF61E554F}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11113 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vfsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 29428368
\??\C:\Windows\system32\conhost.exe "7433233615030576611450812861416870767-1634660479-2740991-531696861-760624016
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2256
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>28724</ID><Title>HP Wireless Assistant</Title><Text>WLAN : On
Bluetooth(r): On</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Matus\AppData\Local\Hola\firefox\app\hola_plugin.exe" --no-root --no-kernel --workdir C:\Users\Matus\AppData\Local\Hola\firefox --firefox
"C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe"
"taskhost.exe"
"C:/Riot Games/League of Legends/RADS/projects/lol_air_client/releases/0.0.1.140/deploy/LolClient.exe" -runtime .\ -nodebug META-INF\AIR\application.xml .\ -- 8393
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6356.1b4dc8b0.626733717 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 6356 "\\.\pipe\gecko-crash-server-pipe.6356" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe" --proxy-stub-channel=Flash6064.5DC1AF38.12732 --host-broker-channel=Flash6064.5DC1AF38.4478 --host-pid=6064 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe" --channel=5536.003BF200.1938079035 --proxy-stub-channel=Flash6064.5DC1AF38.12732 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll" --host-npapi-version=28 --type=renderer
"C:\Users\Matus\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0408251153de1.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187
prefs.js - "browser.startup.homepage" - "www.google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187\extensions\
jid1-4P0kohSJxU1qGg@jetpack
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-05 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-05 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-21 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-21 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
"OscarX7Mouse5Mode"=C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarX7Mouse5Mode]
C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\Matus\AppData\Roaming\CURSEC~1\Bin\Curse.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE [2015-01-29 1115144]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
C:\Users\Matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"VIDC.TMB1"=tmb1-v64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-26 19:17:51 ----D---- C:\Program Files\Pale Moon
2015-04-26 17:49:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-15 09:20:19 ----SHD---- C:\Config.Msi
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 09:07:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:07:20 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 09:07:18 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:07:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 09:05:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:05:38 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 09:05:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 09:05:35 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\smss.exe
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 09:05:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 09:05:04 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 09:00:05 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-12 23:24:41 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-04-12 17:15:52 ----D---- C:\Windows\SYSWOW64\mailoutput
2015-04-12 16:42:16 ----D---- C:\xampp
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdspio.sys
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdrvio.sys
2015-04-12 12:35:34 ----A---- C:\Windows\system32\pwNative.exe
2015-04-12 12:35:04 ----D---- C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-04-10 09:09:12 ----D---- C:\ProgramData\ESET
2015-04-10 09:09:12 ----D---- C:\Program Files\ESET
2015-04-06 18:50:31 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-06 18:50:30 ----SD---- C:\Windows\system32\GWX
2015-03-31 19:50:24 ----D---- C:\Users\Matus\AppData\Roaming\ts3overlay
2015-03-31 19:47:02 ----A---- C:\Windows\SYSWOW64\tmb1-v32.dll
2015-03-31 19:47:02 ----A---- C:\Windows\system32\tmb1-v64.dll
2015-03-31 19:45:45 ----D---- C:\Users\Matus\AppData\Roaming\PlayClaw5
2015-03-31 19:44:53 ----D---- C:\Program Files (x86)\PlayClaw 5
======List of files/folders modified in the last 1 month======
2015-04-28 18:06:27 ----D---- C:\Program Files\trend micro
2015-04-28 18:06:26 ----D---- C:\Windows\Temp
2015-04-28 17:56:06 ----D---- C:\Windows\Prefetch
2015-04-28 17:55:43 ----D---- C:\Users\Matus\AppData\Roaming\vlc
2015-04-28 17:33:04 ----D---- C:\Program Files (x86)\Opera
2015-04-28 17:33:03 ----D---- C:\Windows\system32\Tasks
2015-04-28 17:06:51 ----D---- C:\Users\Matus\AppData\Roaming\uTorrent
2015-04-28 10:07:24 ----D---- C:\Windows\system32\config
2015-04-27 22:58:34 ----D---- C:\Users\Matus\AppData\Roaming\Dropbox
2015-04-27 22:58:17 ----A---- C:\ProgramData\HPWALog.txt
2015-04-27 22:58:16 ----HD---- C:\ProgramData
2015-04-27 22:00:32 ----D---- C:\Windows\System32
2015-04-27 22:00:32 ----D---- C:\Windows\inf
2015-04-27 22:00:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-27 21:54:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 21:52:57 ----D---- C:\AdwCleaner
2015-04-27 21:52:37 ----RD---- C:\Program Files (x86)
2015-04-26 19:22:27 ----RD---- C:\Program Files
2015-04-23 23:59:03 ----D---- C:\Users\Matus\AppData\Roaming\TS3Client
2015-04-23 11:58:48 ----D---- C:\Windows\Tasks
2015-04-23 11:57:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 13:03:57 ----D---- C:\Windows\AppCompat
2015-04-16 12:57:52 ----D---- C:\Windows\rescache
2015-04-15 19:06:39 ----D---- C:\Windows\LiveKernelReports
2015-04-15 10:42:59 ----D---- C:\Windows\Microsoft.NET
2015-04-15 10:42:08 ----RSD---- C:\Windows\assembly
2015-04-15 10:25:07 ----D---- C:\Windows\winsxs
2015-04-15 10:22:28 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 10:22:28 ----D---- C:\Windows\SysWOW64
2015-04-15 10:22:28 ----D---- C:\Windows\system32\en-US
2015-04-15 10:22:27 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 10:22:27 ----D---- C:\Windows\system32\appraiser
2015-04-15 10:22:27 ----D---- C:\Windows\AppPatch
2015-04-15 10:22:24 ----D---- C:\Windows\system32\drivers
2015-04-15 10:22:24 ----D---- C:\Program Files\Internet Explorer
2015-04-15 10:22:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 09:21:53 ----SHD---- C:\Windows\Installer
2015-04-15 09:20:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 09:18:23 ----D---- C:\Windows\system32\MRT
2015-04-15 09:10:57 ----D---- C:\Windows\debug
2015-04-15 09:10:52 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 08:58:13 ----D---- C:\Windows\system32\catroot2
2015-04-13 09:08:10 ----D---- C:\ProgramData\Blizzard Entertainment
2015-04-13 07:59:23 ----D---- C:\Windows
2015-04-12 22:44:18 ----D---- C:\Windows\system32\LogFiles
2015-04-10 09:09:26 ----D---- C:\Windows\system32\DriverStore
2015-04-07 11:07:25 ----D---- C:\Program Files (x86)\Battle.net
2015-04-07 09:39:01 ----D---- C:\Program Files (x86)\World of Warcraft
2015-04-06 18:50:39 ----D---- C:\Windows\Logs
2015-04-01 19:19:55 ----D---- C:\Program Files (x86)\WugFresh Development
2015-04-01 10:55:43 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-28 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-09-28 3060800]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-20 140712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-12 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2014-10-10 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-10-10 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-10-10 37376]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2014-12-22 23552]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 721712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-14 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-01-06 448384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-26 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: ESET reports a virus
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left pane:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0408251153de1.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: ESET reports a virus
OTM log
All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0408251153de1.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Matus
->Temp folder emptied: 118806486 bytes
->Temporary Internet Files folder emptied: 11505168 bytes
->Java cache emptied: 2080689 bytes
->FireFox cache emptied: 365883595 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 12825 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 261910210 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 150905704 bytes
Total Files Cleaned = 869,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Matus
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 04292015_001413
Files moved on Reboot...
C:\Users\Matus\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Matus\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File C:\Windows\temp\TMP0000003F70A05DD14E7DFFA3 not found!
Registry entries deleted on Reboot...
- Rudy
- Site Admin

- Posts: 119677
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: ESET reports a virus
Post a new RSIT log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: ESET reports a virus
Most recently, ESET has also started reporting that it blocked some pop-up windows :/
RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Matus at 2015-04-29 18:30:41
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (19%) free of 131 GB
Total RAM: 3069 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:30:52, on 29. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Matus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [f.lux] "C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6875342-0C4E-4CDB-AF03-FE2AF61E554F}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10714 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vfsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 31330768
\??\C:\Windows\system32\conhost.exe "-370111059673405936-13402981511153595357-604693653-120755162-310027389-232415583
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
taskeng.exe {5D51D17A-725F-4C04-AC7D-7D67CEA944CD}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\EscSvc64.exe
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2796
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>4787</ID><Title>HP Wireless Assistant</Title><Text>WLAN : On
Bluetooth(r): On</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Matus\AppData\Local\Hola\firefox\app\hola_plugin.exe" --no-root --no-kernel --workdir C:\Users\Matus\AppData\Local\Hola\firefox --firefox
"C:\Program Files\Pale Moon\palemoon.exe"
"C:\Program Files\Pale Moon\plugin-container.exe" --channel=2420.14396a80.1455338105 "C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll" -greomni "C:\Program Files\Pale Moon\omni.ja" -appomni "C:\Program Files\Pale Moon\browser\omni.ja" -appdir "C:\Program Files\Pale Moon\browser" A3665BA0C7D475A 2420 plugin
"C:\Users\Matus\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187
prefs.js - "browser.startup.homepage" - "www.google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187\extensions\
jid1-4P0kohSJxU1qGg@jetpack
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-05 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-05 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-21 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-21 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
"OscarX7Mouse5Mode"=C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarX7Mouse5Mode]
C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\Matus\AppData\Roaming\CURSEC~1\Bin\Curse.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE [2015-01-29 1115144]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
C:\Users\Matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"VIDC.TMB1"=tmb1-v64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-29 00:14:13 ----D---- C:\_OTM
2015-04-26 19:17:51 ----D---- C:\Program Files\Pale Moon
2015-04-26 17:49:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-21 10:30:00 ----A---- C:\Windows\SYSWOW64\vccorlib110.dll
2015-04-21 10:30:00 ----A---- C:\Windows\SYSWOW64\msvcr110.dll
2015-04-21 10:30:00 ----A---- C:\Windows\SYSWOW64\msvcp110.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 09:07:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:07:20 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 09:07:18 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:07:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 09:05:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:05:38 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 09:05:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 09:05:35 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\smss.exe
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 09:05:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 09:05:04 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 09:00:05 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-12 23:24:41 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-04-12 17:15:52 ----D---- C:\Windows\SYSWOW64\mailoutput
2015-04-12 16:42:16 ----D---- C:\xampp
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdspio.sys
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdrvio.sys
2015-04-12 12:35:34 ----A---- C:\Windows\system32\pwNative.exe
2015-04-12 12:35:04 ----D---- C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-04-10 09:09:12 ----D---- C:\ProgramData\ESET
2015-04-10 09:09:12 ----D---- C:\Program Files\ESET
2015-04-06 18:50:31 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-06 18:50:30 ----SD---- C:\Windows\system32\GWX
2015-03-31 19:50:24 ----D---- C:\Users\Matus\AppData\Roaming\ts3overlay
2015-03-31 19:47:02 ----A---- C:\Windows\SYSWOW64\tmb1-v32.dll
2015-03-31 19:47:02 ----A---- C:\Windows\system32\tmb1-v64.dll
2015-03-31 19:45:45 ----D---- C:\Users\Matus\AppData\Roaming\PlayClaw5
2015-03-31 19:44:53 ----D---- C:\Program Files (x86)\PlayClaw 5
======List of files/folders modified in the last 1 month======
2015-04-29 18:30:52 ----D---- C:\Windows\Prefetch
2015-04-29 18:30:46 ----D---- C:\Program Files\trend micro
2015-04-29 18:30:41 ----D---- C:\Windows\Temp
2015-04-29 17:56:55 ----D---- C:\Users\Matus\AppData\Roaming\OBS
2015-04-29 17:43:29 ----SHD---- C:\Windows\Installer
2015-04-29 17:42:48 ----D---- C:\Program Files (x86)\LibreOffice 4
2015-04-29 17:42:42 ----RSD---- C:\Windows\assembly
2015-04-29 17:42:12 ----D---- C:\Windows\SysWOW64
2015-04-29 17:41:31 ----RSD---- C:\Windows\Fonts
2015-04-29 14:18:27 ----D---- C:\Windows\system32\config
2015-04-29 14:12:24 ----D---- C:\Users\Matus\AppData\Roaming\vlc
2015-04-29 13:07:25 ----D---- C:\Windows\System32
2015-04-29 13:07:25 ----D---- C:\Windows\inf
2015-04-29 13:07:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-29 13:02:24 ----D---- C:\Users\Matus\AppData\Roaming\Dropbox
2015-04-29 13:02:02 ----HD---- C:\ProgramData
2015-04-29 13:02:02 ----A---- C:\ProgramData\HPWALog.txt
2015-04-29 00:14:19 ----D---- C:\Windows\Tasks
2015-04-29 00:14:14 ----D---- C:\Users\Matus\AppData\Roaming\TS3Client
2015-04-28 17:33:04 ----D---- C:\Program Files (x86)\Opera
2015-04-28 17:33:03 ----D---- C:\Windows\system32\Tasks
2015-04-28 17:06:51 ----D---- C:\Users\Matus\AppData\Roaming\uTorrent
2015-04-27 21:54:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 21:52:57 ----D---- C:\AdwCleaner
2015-04-27 21:52:37 ----RD---- C:\Program Files (x86)
2015-04-26 19:22:27 ----RD---- C:\Program Files
2015-04-23 11:57:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 13:03:57 ----D---- C:\Windows\AppCompat
2015-04-16 12:57:52 ----D---- C:\Windows\rescache
2015-04-15 19:06:39 ----D---- C:\Windows\LiveKernelReports
2015-04-15 10:42:59 ----D---- C:\Windows\Microsoft.NET
2015-04-15 10:25:07 ----D---- C:\Windows\winsxs
2015-04-15 10:22:28 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 10:22:28 ----D---- C:\Windows\system32\en-US
2015-04-15 10:22:27 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 10:22:27 ----D---- C:\Windows\system32\appraiser
2015-04-15 10:22:27 ----D---- C:\Windows\AppPatch
2015-04-15 10:22:24 ----D---- C:\Windows\system32\drivers
2015-04-15 10:22:24 ----D---- C:\Program Files\Internet Explorer
2015-04-15 10:22:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 09:20:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 09:18:23 ----D---- C:\Windows\system32\MRT
2015-04-15 09:10:57 ----D---- C:\Windows\debug
2015-04-15 09:10:52 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 08:58:13 ----D---- C:\Windows\system32\catroot2
2015-04-13 09:08:10 ----D---- C:\ProgramData\Blizzard Entertainment
2015-04-13 07:59:23 ----D---- C:\Windows
2015-04-12 22:44:18 ----D---- C:\Windows\system32\LogFiles
2015-04-10 09:09:26 ----D---- C:\Windows\system32\DriverStore
2015-04-07 11:07:25 ----D---- C:\Program Files (x86)\Battle.net
2015-04-07 09:39:01 ----D---- C:\Program Files (x86)\World of Warcraft
2015-04-06 18:50:39 ----D---- C:\Windows\Logs
2015-04-01 19:19:55 ----D---- C:\Program Files (x86)\WugFresh Development
2015-04-01 10:55:43 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-28 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-09-28 3060800]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-20 140712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-12 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2014-10-10 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-10-10 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-10-10 37376]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2014-12-22 23552]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 721712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-14 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-01-06 448384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-26 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
RSIT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Matus at 2015-04-29 18:30:41
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 25 GB (19%) free of 131 GB
Total RAM: 3069 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:30:52, on 29. 4. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Matus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [f.lux] "C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OscarX7Mouse5Mode] "C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe" Minimum
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6875342-0C4E-4CDB-AF03-FE2AF61E554F}: NameServer = 8.8.8.8,8.8.4.4
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\Windows\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10714 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vfsFPService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 31330768
\??\C:\Windows\system32\conhost.exe "-370111059673405936-13402981511153595357-604693653-120755162-310027389-232415583
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe"
taskeng.exe {5D51D17A-725F-4C04-AC7D-7D67CEA944CD}
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\EscSvc64.exe
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2796
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>4787</ID><Title>HP Wireless Assistant</Title><Text>WLAN : On
Bluetooth(r): On</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Matus\AppData\Local\Hola\firefox\app\hola_plugin.exe" --no-root --no-kernel --workdir C:\Users\Matus\AppData\Local\Hola\firefox --firefox
"C:\Program Files\Pale Moon\palemoon.exe"
"C:\Program Files\Pale Moon\plugin-container.exe" --channel=2420.14396a80.1455338105 "C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll" -greomni "C:\Program Files\Pale Moon\omni.ja" -appomni "C:\Program Files\Pale Moon\browser\omni.ja" -appdir "C:\Program Files\Pale Moon\browser" A3665BA0C7D475A 2420 plugin
"C:\Users\Matus\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187
prefs.js - "browser.startup.homepage" - "www.google.sk"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
C:\Users\Matus\AppData\Roaming\Mozilla\Firefox\Profiles\g6kvr1b9.default-1414501051187\extensions\
jid1-4P0kohSJxU1qGg@jetpack
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-05 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-05 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-21 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29 629256]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-21 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2012-03-09 462712]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"f.lux"=C:\Users\Matus\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"AdobeBridge"= []
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
"OscarX7Mouse5Mode"=C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM tray]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EaseUS EPM Tray Agent]
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2011-10-31 1058400]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPLTarget]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OscarX7Mouse5Mode]
C:\Program Files (x86)\OscarX7Editor5Mode\OscarX7Editor5Mode\OscarEditor.exe [2013-02-01 3571712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
C:\Program Files (x86)\Overwolf\Overwolf.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
C:\Users\Matus\AppData\Roaming\CURSEC~1\Bin\Curse.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Matus^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk]
C:\PROGRA~2\Evernote\Evernote\EVERNO~2.EXE [2015-01-29 1115144]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-04-30 642304]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
C:\Users\Matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Matus\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"VIDC.TMB1"=tmb1-v64.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-04-29 00:14:13 ----D---- C:\_OTM
2015-04-26 19:17:51 ----D---- C:\Program Files\Pale Moon
2015-04-26 17:49:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-21 10:30:00 ----A---- C:\Windows\SYSWOW64\vccorlib110.dll
2015-04-21 10:30:00 ----A---- C:\Windows\SYSWOW64\msvcr110.dll
2015-04-21 10:30:00 ----A---- C:\Windows\SYSWOW64\msvcp110.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 09:07:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:07:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:07:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 09:07:23 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 09:07:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 09:07:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 09:07:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 09:07:21 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 09:07:20 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:07:20 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:07:20 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 09:07:19 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 09:07:18 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 09:07:18 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 09:07:17 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 09:07:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 09:07:16 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 09:07:15 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 09:07:14 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 09:07:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:07:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 09:05:57 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 09:05:57 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wups.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 09:05:56 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 09:05:46 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 09:05:45 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 09:05:39 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:05:38 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 09:05:38 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 09:05:37 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 09:05:37 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 09:05:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 09:05:35 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 09:05:35 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 09:05:34 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 09:05:34 ----A---- C:\Windows\system32\smss.exe
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 09:05:33 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 09:05:33 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:05:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:05:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 09:05:31 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 09:05:31 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 09:05:30 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 09:05:04 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 09:00:05 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 09:00:05 ----A---- C:\Windows\system32\clfs.sys
2015-04-12 23:24:41 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-04-12 17:15:52 ----D---- C:\Windows\SYSWOW64\mailoutput
2015-04-12 16:42:16 ----D---- C:\xampp
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdspio.sys
2015-04-12 12:35:34 ----N---- C:\Windows\system32\pwdrvio.sys
2015-04-12 12:35:34 ----A---- C:\Windows\system32\pwNative.exe
2015-04-12 12:35:04 ----D---- C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2015-04-10 09:09:12 ----D---- C:\ProgramData\ESET
2015-04-10 09:09:12 ----D---- C:\Program Files\ESET
2015-04-06 18:50:31 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-06 18:50:30 ----SD---- C:\Windows\system32\GWX
2015-03-31 19:50:24 ----D---- C:\Users\Matus\AppData\Roaming\ts3overlay
2015-03-31 19:47:02 ----A---- C:\Windows\SYSWOW64\tmb1-v32.dll
2015-03-31 19:47:02 ----A---- C:\Windows\system32\tmb1-v64.dll
2015-03-31 19:45:45 ----D---- C:\Users\Matus\AppData\Roaming\PlayClaw5
2015-03-31 19:44:53 ----D---- C:\Program Files (x86)\PlayClaw 5
======List of files/folders modified in the last 1 month======
2015-04-29 18:30:52 ----D---- C:\Windows\Prefetch
2015-04-29 18:30:46 ----D---- C:\Program Files\trend micro
2015-04-29 18:30:41 ----D---- C:\Windows\Temp
2015-04-29 17:56:55 ----D---- C:\Users\Matus\AppData\Roaming\OBS
2015-04-29 17:43:29 ----SHD---- C:\Windows\Installer
2015-04-29 17:42:48 ----D---- C:\Program Files (x86)\LibreOffice 4
2015-04-29 17:42:42 ----RSD---- C:\Windows\assembly
2015-04-29 17:42:12 ----D---- C:\Windows\SysWOW64
2015-04-29 17:41:31 ----RSD---- C:\Windows\Fonts
2015-04-29 14:18:27 ----D---- C:\Windows\system32\config
2015-04-29 14:12:24 ----D---- C:\Users\Matus\AppData\Roaming\vlc
2015-04-29 13:07:25 ----D---- C:\Windows\System32
2015-04-29 13:07:25 ----D---- C:\Windows\inf
2015-04-29 13:07:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-29 13:02:24 ----D---- C:\Users\Matus\AppData\Roaming\Dropbox
2015-04-29 13:02:02 ----HD---- C:\ProgramData
2015-04-29 13:02:02 ----A---- C:\ProgramData\HPWALog.txt
2015-04-29 00:14:19 ----D---- C:\Windows\Tasks
2015-04-29 00:14:14 ----D---- C:\Users\Matus\AppData\Roaming\TS3Client
2015-04-28 17:33:04 ----D---- C:\Program Files (x86)\Opera
2015-04-28 17:33:03 ----D---- C:\Windows\system32\Tasks
2015-04-28 17:06:51 ----D---- C:\Users\Matus\AppData\Roaming\uTorrent
2015-04-27 21:54:40 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-27 21:52:57 ----D---- C:\AdwCleaner
2015-04-27 21:52:37 ----RD---- C:\Program Files (x86)
2015-04-26 19:22:27 ----RD---- C:\Program Files
2015-04-23 11:57:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-16 13:03:57 ----D---- C:\Windows\AppCompat
2015-04-16 12:57:52 ----D---- C:\Windows\rescache
2015-04-15 19:06:39 ----D---- C:\Windows\LiveKernelReports
2015-04-15 10:42:59 ----D---- C:\Windows\Microsoft.NET
2015-04-15 10:25:07 ----D---- C:\Windows\winsxs
2015-04-15 10:22:28 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 10:22:28 ----D---- C:\Windows\system32\en-US
2015-04-15 10:22:27 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 10:22:27 ----D---- C:\Windows\system32\appraiser
2015-04-15 10:22:27 ----D---- C:\Windows\AppPatch
2015-04-15 10:22:24 ----D---- C:\Windows\system32\drivers
2015-04-15 10:22:24 ----D---- C:\Program Files\Internet Explorer
2015-04-15 10:22:23 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 09:20:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 09:18:23 ----D---- C:\Windows\system32\MRT
2015-04-15 09:10:57 ----D---- C:\Windows\debug
2015-04-15 09:10:52 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 08:58:13 ----D---- C:\Windows\system32\catroot2
2015-04-13 09:08:10 ----D---- C:\ProgramData\Blizzard Entertainment
2015-04-13 07:59:23 ----D---- C:\Windows
2015-04-12 22:44:18 ----D---- C:\Windows\system32\LogFiles
2015-04-10 09:09:26 ----D---- C:\Windows\system32\DriverStore
2015-04-07 11:07:25 ----D---- C:\Program Files (x86)\Battle.net
2015-04-07 09:39:01 ----D---- C:\Program Files (x86)\World of Warcraft
2015-04-06 18:50:39 ----D---- C:\Windows\Logs
2015-04-01 19:19:55 ----D---- C:\Program Files (x86)\WugFresh Development
2015-04-01 10:55:43 ----D---- C:\Program Files (x86)\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 pwdrvio;pwdrvio; C:\Windows\system32\pwdrvio.sys [2013-09-30 19152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-28 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2013-04-10 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-04-30 359936]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-05-14 96896]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-09-28 3060800]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-20 140712]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-12 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUSB;Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]
S3 AndnetBus;LGE Mobile USB Composite Device; C:\Windows\system32\DRIVERS\lgandnetbus64.sys [2014-10-10 20992]
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [2014-10-10 30720]
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [2014-10-10 37376]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-04-30 11922944]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2013-09-30 12504]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 UHSfiltv;UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [2014-12-22 23552]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-04-30 238080]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc64.exe [2011-12-12 135824]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2014-12-11 89864]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 721712]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-05-14 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-01-06 448384]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-26 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-09-16 569024]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119677
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: ESET reports a virus
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: ESET reports a virus
It hasn't reported the trojan since then; only, as I mentioned one post above, it tells me that it blocked some pop-up windows leading to some advertising sites (at least judging by the link). It seems to me that it does this only when I use FF.
- Rudy
- Site Admin
- Posts: 119677
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: ESET reports a virus
Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Re: ESET reports a virus
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 1. 5. 2015
Scan Time: 9:47:43
Logfile: asdasdasd.txt
Administrator: Yes
Version: 2.01.6.1022
Malware Database: v2015.05.01.01
Rootkit Database: v2015.04.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Matus
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340995
Time Elapsed: 27 min, 54 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
- Rudy
- Site Admin
- Posts: 119677
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: ESET reports a virus
This is fine. Back up FF using Mozbackup: http://www.stahuj.centrum.cz/utility_a_ ... mozbackup/ . Then uninstall it, including its profile. Reinstall it and copy back from the backup only the bookmarks and passwords.
Re: ESET reports a virus
This just popped up for me (I haven't reinstalled FF yet)
- Attachments
- hola2.png (10.63 KiB) Viewed 1634 times
