
conhost.exe NETWORK SERVICE


#1 Post by Mortiz696 »

Hello,
My problem is the process conhost.exe NETWORK SERVICE, which keeps starting and disappearing every second, over and over, from the moment the computer boots. It disappears so quickly that in Task Manager I can't even click on it to look at its location. And when I do manage to, it tells me that the process could not be terminated because it is not valid for the given process. I also have the feeling that other processes keep popping up along with it, but they are too fast for me to read; I can see the number of running processes jumping back and forth between 57 and 61. The problem most likely started when I was dealing with an acquaintance's virus-infected notebook. Most likely a few nasties got carried over on the flash drive.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrátor at 2015-05-01 08:50:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1277 GB (67%) free of 1908 GB
Total RAM: 8175 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:50:16, on 1.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files\trend micro\Administrátor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\RunOnce: [Report] C:\AdwCleaner\AdwCleaner[S28].txt
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - http://assets.photobox.com/assets/v/ra3 ... _0fSS8.cab
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - https://carina.cd.cz/dwa85W.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - https://carina.cd.cz/dwa7W.cab
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7272 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /connectToHost
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_000007b8
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\taskmgr.exe" /1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1492778448-2556657456-2968204072-10029_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1492778448-2556657456-2968204072-10029 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Petr\Desktop\RSITx64.exe"
C:\Windows\system32\rundll32.exe C:\Windows\system32\inetcpl.cpl,ClearMyTracksByProcess Flags:90571 WinX:0 WinY:0 IEFrame:0000000000000000
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1650881539-2056394253-108649291714068711251317876193-15913055441125220179-1674790389
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" b58d72f4-5579-456b-8212-6a6ca03df70d 1
"C:\Program Files\Internet Explorer\iexplore.exe" -ResetDestinationList

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Acrobat Update Task.job - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0408ca3c18acf.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d042c2adf2cc5.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrátor\AppData\Roaming\Mozilla\Firefox\Profiles\aoprsa0j.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.75.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.75.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-13 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-13 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\Windows\system32\mscoree.dll [2010-11-04 444752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-09 13672152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"=C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 415232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=C:\AdwCleaner\AdwCleaner[S28].txt [2015-04-19 1181]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\*WerKernelReporting]
C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 415232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-03-16 129272]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2015-03-24 726320]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-01 08:35:26 ----SHD---- C:\Config.Msi
2015-04-25 20:30:21 ----D---- C:\ProgramData\Riot Games
2015-04-25 20:26:36 ----D---- C:\Riot Games
2015-04-19 23:50:44 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-04-19 23:31:55 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-19 22:09:23 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-04-19 21:39:39 ----N---- C:\bootsqm.dat
2015-04-19 21:38:29 ----SHD---- C:\found.000
2015-04-17 16:22:40 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-04-17 16:22:38 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2015-04-16 20:04:33 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvopencl.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvdispgenco6435012.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvdispco6435012.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvoglv64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvinitx.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\NvIFR64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\NvFBC64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcuvid.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcuda.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcompiler.dll
2015-04-16 19:46:46 ----D---- C:\Users\Administrátor\AppData\Roaming\Avira
2015-04-16 19:29:47 ----D---- C:\Program Files (x86)\Ubisoft
2015-04-16 14:49:07 ----D---- C:\Users\Administrátor\AppData\Roaming\GetRightToGo
2015-04-16 14:32:45 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2015-04-16 14:32:45 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-04-16 14:32:44 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-04-16 14:32:44 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-04-16 14:28:07 ----D---- C:\ProgramData\Avira
2015-04-16 14:28:07 ----D---- C:\Program Files (x86)\Avira
2015-04-15 16:59:58 ----D---- C:\Program Files (x86)\CheckPoint
2015-04-15 16:58:44 ----D---- C:\ProgramData\CheckPoint
2015-04-15 10:33:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 10:33:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:33:27 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\smss.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 10:33:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 10:33:26 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 10:33:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:33:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:33:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wups.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:31:46 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 10:31:46 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 10:31:46 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 16:15:29 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 16:15:29 ----SD---- C:\Windows\system32\GWX

======List of files/folders modified in the last 1 month======

2015-05-01 08:50:15 ----D---- C:\Windows\temp
2015-05-01 08:50:14 ----D---- C:\Program Files\trend micro
2015-05-01 08:45:13 ----D---- C:\Windows\system32\config
2015-05-01 08:35:50 ----SHD---- C:\Windows\Installer
2015-05-01 08:34:49 ----D---- C:\Windows\system32\drivers
2015-05-01 08:34:48 ----D---- C:\Windows\system32\DriverStore
2015-05-01 08:34:48 ----D---- C:\Windows\inf
2015-05-01 08:34:25 ----D---- C:\Windows\System32
2015-05-01 08:34:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-01 08:31:36 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-01 08:23:01 ----D---- C:\ProgramData\NVIDIA
2015-04-30 19:51:28 ----D---- C:\Windows\Prefetch
2015-04-29 18:13:24 ----D---- C:\Program Files (x86)\Steam
2015-04-29 14:16:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-28 23:07:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-25 20:50:06 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-25 20:30:21 ----D---- C:\ProgramData
2015-04-25 20:27:16 ----SHD---- C:\System Volume Information
2015-04-25 20:27:02 ----D---- C:\Windows\Logs
2015-04-25 20:26:52 ----D---- C:\Windows\Tasks
2015-04-21 15:57:41 ----D---- C:\Windows\system32\Tasks
2015-04-21 15:57:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 23:54:53 ----D---- C:\AdwCleaner
2015-04-19 23:51:02 ----D---- C:\Windows
2015-04-19 23:46:24 ----D---- C:\Users\Administrátor\AppData\Roaming\vlc
2015-04-19 22:09:23 ----RD---- C:\Program Files (x86)
2015-04-19 21:52:37 ----D---- C:\Windows\debug
2015-04-18 21:44:57 ----D---- C:\Windows\SysWOW64
2015-04-18 13:34:46 ----D---- C:\Windows\rescache
2015-04-18 13:30:52 ----D---- C:\Windows\AppCompat
2015-04-17 21:05:08 ----RSD---- C:\Windows\assembly
2015-04-17 16:22:38 ----D---- C:\Windows\system32\LogFiles
2015-04-16 20:05:03 ----D---- C:\ProgramData\NVIDIA Corporation
2015-04-16 20:04:42 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-04-16 19:31:37 ----D---- C:\Windows\system32\catroot
2015-04-16 17:50:38 ----D---- C:\Windows\Microsoft.NET
2015-04-16 14:26:28 ----D---- C:\Windows\winsxs
2015-04-15 23:30:14 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 23:30:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-15 23:30:14 ----D---- C:\Windows\system32\cs-CZ
2015-04-15 23:30:14 ----D---- C:\Windows\system32\appraiser
2015-04-15 23:30:14 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 23:30:14 ----D---- C:\Windows\AppPatch
2015-04-15 23:30:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 23:30:07 ----D---- C:\Windows\system32\en-US
2015-04-15 23:30:07 ----D---- C:\Program Files\Internet Explorer
2015-04-15 23:30:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 16:57:53 ----D---- C:\ProgramData\Package Cache
2015-04-15 10:42:58 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 10:42:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 10:39:59 ----D---- C:\Windows\system32\MRT
2015-04-15 10:37:18 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 10:32:08 ----D---- C:\Windows\system32\catroot2
2015-04-12 09:57:12 ----D---- C:\ProgramData\Norton
2015-04-11 21:11:37 ----D---- C:\Program Files\Common Files
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\OpenCL.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvapi64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvcpl.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvshext.dll
2015-04-08 23:30:13 ----A---- C:\Windows\system32\nvmctray.dll
2015-04-04 19:25:17 ----D---- C:\Windows\system32\wbem
2015-04-03 09:47:34 ----SHD---- C:\$RECYCLE.BIN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-19 136408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-02-06 564824]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-03-24 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-03-24 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-06 283200]
R1 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2015-04-14 107736]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-03-24 128536]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-24 44088]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-01-02 42696]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-14 3962840]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-12-08 64624]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-05 195728]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-01-20 888536]
S1 FldSafe;FldSafe; C:\Windows\system32\DRIVERS\FldSafe.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-01-02 310728]
S3 afcqm9pq;afcqm9pq; C:\Windows\system32\drivers\afcqm9pq.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2013-04-29 47632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2015-03-24 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2015-03-24 434424]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-03-16 201008]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-04-08 936264]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-04-17 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-04-08 410952]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R4 ZAPrivacyService;ZoneAlarm Privacy Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe []
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2015-03-24 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2015-03-24 1004280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-14 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 107912]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 107912]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-28 148080]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-25 1903472]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe NETWORK SERVICE

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Mortiz696
Visitor
Posts: 76
Registered: 29 Jan 2014 19:24

Re: conhost.exe NETWORK SERVICE

#3 Post by Mortiz696 »

Done. I am attaching the log, plus a new log from RSIT and also a log from AdwCleaner that I made at roughly the time this problem appeared.

# AdwCleaner v4.202 - Log vytvořen 01/05/2015 v 11:24:21
# Aktualizováno 23/04/2015 by Xplode
# Databáze : 2015-04-30.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Administrátor - PETR-PC
# Spuštěno z : C:\Users\Petr\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\EFEE0228DC83E77358593193D847A0EC
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EFEE0228DC83E77358593193D847A0EC

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.1 (x86 cs)


-\\ Comodo Dragon v


*************************

AdwCleaner[R42].txt - [4387 bytů] - [19/04/2015 21:54:46]
AdwCleaner[R43].txt - [1088 bytů] - [19/04/2015 22:46:21]
AdwCleaner[R44].txt - [1147 bytů] - [19/04/2015 22:48:44]
AdwCleaner[R45].txt - [1118 bytů] - [19/04/2015 23:53:53]
AdwCleaner[R46].txt - [1473 bytů] - [01/05/2015 11:21:33]
AdwCleaner[S27].txt - [4155 bytů] - [19/04/2015 21:56:19]
AdwCleaner[S28].txt - [1181 bytů] - [19/04/2015 23:08:04]
AdwCleaner[S29].txt - [1392 bytů] - [01/05/2015 11:24:21]

########## EOF - \AdwCleaner\AdwCleaner[S29].txt - [1451 bytů] ##########

# AdwCleaner v4.201 - Log vytvořen 19/04/2015 v 21:56:19
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-19.4 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Administrátor - PETR-PC
# Spuštěno z : C:\Users\Petr\Documents\Úložiště her\Adw cleaner\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files (x86)\Check Point Software Technologies LTD
Složka Smazáno : C:\Users\Administrátor\AppData\LocalLow\Check Point Software Technologies LTD
Složka Smazáno : C:\Users\Administrátor\AppData\Roaming\Check Point Software Technologies LTD

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Klíč Smazáno : HKU\.DEFAULT\Software\SpeedBit

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v36.0.4 (x86 cs)


-\\ Comodo Dragon v


*************************

AdwCleaner[R42].txt - [4387 bytů] - [19/04/2015 21:54:46]
AdwCleaner[S27].txt - [4014 bytů] - [19/04/2015 21:56:19]

########## EOF - \AdwCleaner\AdwCleaner[S27].txt - [4073 bytů] ##########

Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrátor at 2015-05-01 11:41:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1277 GB (67%) free of 1908 GB
Total RAM: 8175 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:41:19, on 1.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Administrátor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AviraBrowserSafety.BrowserSafety - {c3c77255-42c0-499f-b664-6e981a0b1647} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[S29].txt
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - http://assets.photobox.com/assets/v/ra3 ... _0fSS8.cab
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - https://carina.cd.cz/dwa85W.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - https://carina.cd.cz/dwa7W.cab
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7326 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_000006d0
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /connectToHost
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3960 CREDAT:267521 /prefetch:2
taskeng.exe {91D7F484-D0E8-4877-A469-20BF88D26CE8}
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding

"C:\Users\Petr\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1690926882-777745539105891887-16793685571314929571132997191015252859371683690618
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" b58d72f4-5579-456b-8212-6a6ca03df70d 1
\??\C:\Windows\system32\conhost.exe "-68175146-2059777359-225741186-143552837516605708361201935461682238710-1333367773

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Acrobat Update Task.job - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0408ca3c18acf.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d042c2adf2cc5.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrátor\AppData\Roaming\Mozilla\Firefox\Profiles\aoprsa0j.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.75.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.75.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-13 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-13 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]
AviraBrowserSafety.BrowserSafety - C:\Windows\system32\mscoree.dll [2010-11-04 444752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-09 13672152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"=C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 415232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=\AdwCleaner\AdwCleaner[S29].txt [2015-05-01 1533]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\*WerKernelReporting]
C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 415232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-03-16 129272]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2015-03-24 726320]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-01 08:35:26 ----SHD---- C:\Config.Msi
2015-04-25 20:30:21 ----D---- C:\ProgramData\Riot Games
2015-04-25 20:26:36 ----D---- C:\Riot Games
2015-04-19 23:50:44 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-04-19 23:31:55 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-19 22:09:23 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-04-19 21:39:39 ----N---- C:\bootsqm.dat
2015-04-19 21:38:29 ----SHD---- C:\found.000
2015-04-17 16:22:40 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-04-17 16:22:38 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2015-04-16 20:04:33 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvopencl.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvdispgenco6435012.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvdispco6435012.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvoglv64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvinitx.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\NvIFR64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\NvFBC64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcuvid.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcuda.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcompiler.dll
2015-04-16 19:46:46 ----D---- C:\Users\Administrátor\AppData\Roaming\Avira
2015-04-16 19:29:47 ----D---- C:\Program Files (x86)\Ubisoft
2015-04-16 14:49:07 ----D---- C:\Users\Administrátor\AppData\Roaming\GetRightToGo
2015-04-16 14:32:45 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2015-04-16 14:32:45 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-04-16 14:32:44 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-04-16 14:32:44 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-04-16 14:28:07 ----D---- C:\ProgramData\Avira
2015-04-16 14:28:07 ----D---- C:\Program Files (x86)\Avira
2015-04-15 16:58:44 ----D---- C:\ProgramData\CheckPoint
2015-04-15 10:33:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 10:33:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:33:27 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\smss.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 10:33:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 10:33:26 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 10:33:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:33:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:33:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wups.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:31:46 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 10:31:46 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 10:31:46 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 16:15:29 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 16:15:29 ----SD---- C:\Windows\system32\GWX

======List of files/folders modified in the last 1 month======

2015-05-01 11:41:18 ----D---- C:\Windows\temp
2015-05-01 11:41:18 ----D---- C:\Program Files\trend micro
2015-05-01 11:33:29 ----D---- C:\Windows\system32\config
2015-05-01 11:32:15 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-01 11:28:20 ----D---- C:\ProgramData\NVIDIA
2015-05-01 11:28:05 ----RD---- C:\Program Files (x86)
2015-05-01 11:24:23 ----D---- C:\AdwCleaner
2015-05-01 08:35:50 ----SHD---- C:\Windows\Installer
2015-05-01 08:34:49 ----D---- C:\Windows\system32\drivers
2015-05-01 08:34:48 ----D---- C:\Windows\system32\DriverStore
2015-05-01 08:34:48 ----D---- C:\Windows\inf
2015-05-01 08:34:25 ----D---- C:\Windows\System32
2015-05-01 08:34:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-30 19:51:28 ----D---- C:\Windows\Prefetch
2015-04-29 18:13:24 ----D---- C:\Program Files (x86)\Steam
2015-04-29 14:16:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-28 23:07:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-25 20:50:06 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-25 20:30:21 ----D---- C:\ProgramData
2015-04-25 20:27:16 ----SHD---- C:\System Volume Information
2015-04-25 20:27:02 ----D---- C:\Windows\Logs
2015-04-25 20:26:52 ----D---- C:\Windows\Tasks
2015-04-21 15:57:41 ----D---- C:\Windows\system32\Tasks
2015-04-21 15:57:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 23:51:02 ----D---- C:\Windows
2015-04-19 23:46:24 ----D---- C:\Users\Administrátor\AppData\Roaming\vlc
2015-04-19 21:52:37 ----D---- C:\Windows\debug
2015-04-18 21:44:57 ----D---- C:\Windows\SysWOW64
2015-04-18 13:34:46 ----D---- C:\Windows\rescache
2015-04-18 13:30:52 ----D---- C:\Windows\AppCompat
2015-04-17 21:05:08 ----RSD---- C:\Windows\assembly
2015-04-17 16:22:38 ----D---- C:\Windows\system32\LogFiles
2015-04-16 20:05:03 ----D---- C:\ProgramData\NVIDIA Corporation
2015-04-16 20:04:42 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-04-16 19:31:37 ----D---- C:\Windows\system32\catroot
2015-04-16 17:50:38 ----D---- C:\Windows\Microsoft.NET
2015-04-16 14:26:28 ----D---- C:\Windows\winsxs
2015-04-15 23:30:14 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 23:30:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-15 23:30:14 ----D---- C:\Windows\system32\cs-CZ
2015-04-15 23:30:14 ----D---- C:\Windows\system32\appraiser
2015-04-15 23:30:14 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 23:30:14 ----D---- C:\Windows\AppPatch
2015-04-15 23:30:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 23:30:07 ----D---- C:\Windows\system32\en-US
2015-04-15 23:30:07 ----D---- C:\Program Files\Internet Explorer
2015-04-15 23:30:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 16:57:53 ----D---- C:\ProgramData\Package Cache
2015-04-15 10:42:58 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 10:42:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 10:39:59 ----D---- C:\Windows\system32\MRT
2015-04-15 10:37:18 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 10:32:08 ----D---- C:\Windows\system32\catroot2
2015-04-12 09:57:12 ----D---- C:\ProgramData\Norton
2015-04-11 21:11:37 ----D---- C:\Program Files\Common Files
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\OpenCL.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvapi64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvcpl.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvshext.dll
2015-04-08 23:30:13 ----A---- C:\Windows\system32\nvmctray.dll
2015-04-04 19:25:17 ----D---- C:\Windows\system32\wbem
2015-04-03 09:47:34 ----SHD---- C:\$RECYCLE.BIN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-19 136408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-02-06 564824]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-03-24 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-03-24 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-06 283200]
R1 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2015-04-14 107736]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-03-24 128536]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-24 44088]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-01-02 42696]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-14 3962840]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-12-08 64624]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-05 195728]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-01-20 888536]
S1 FldSafe;FldSafe; C:\Windows\system32\DRIVERS\FldSafe.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-01-02 310728]
S3 ajci5fsj;ajci5fsj; C:\Windows\system32\drivers\ajci5fsj.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2013-04-29 47632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2015-03-24 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2015-03-24 434424]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-03-16 201008]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-04-08 936264]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-04-17 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-04-08 410952]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2015-03-24 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2015-03-24 1004280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-14 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 107912]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 107912]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-28 148080]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-25 1903472]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119677
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe NETWORK SERVICE

#4 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0408ca3c18acf.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d042c2adf2cc5.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}]/64

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Mortiz696
Visitor
Posts: 76
Joined: 29 Jan 2014 19:24

Re: conhost.exe NETWORK SERVICE

#5 Post by Mortiz696 »

Done. conhost.exe NETWORK SERVICE is still acting up.
Edit: I just noticed that a process from NVIDIA Stream, "nvstreamsvc.exe", behaves similarly, but it does not disappear as quickly, so I clicked on it and ended the process, and along with it the conhost.exe NETWORK SERVICE process stopped showing up, but I expect it will show up again after the computer is restarted. I had been using the NVIDIA drivers until recently without any trouble. Could it be infected?

Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrátor at 2015-05-01 14:23:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1277 GB (67%) free of 1908 GB
Total RAM: 8175 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:23:42, on 1.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Users\Petr\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Administrátor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\Petr\Desktop\OTM.exe"
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[S29].txt
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - http://assets.photobox.com/assets/v/ra3 ... _0fSS8.cab
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - https://carina.cd.cz/dwa85W.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - https://carina.cd.cz/dwa7W.cab
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7360 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_000006d0
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
C:\Users\Petr\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /connectToHost
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3584 CREDAT:267521 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1492778448-2556657456-2968204072-10023_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1492778448-2556657456-2968204072-10023 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Petr\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-156912564715650288176593919241341968883-386051449142447313-1242434713-183059869
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" b58d72f4-5579-456b-8212-6a6ca03df70d 1
\??\C:\Windows\system32\conhost.exe "2040444576-1370699127-1198016290720038158-1518242708761059105-11868769471108232307
C:\Windows\system32\WerFault.exe -u -p 4692 -s 840

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Acrobat Update Task.job - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrátor\AppData\Roaming\Mozilla\Firefox\Profiles\aoprsa0j.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.75.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.75.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-13 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-13 211880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-09 13672152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"=C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 415232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=\AdwCleaner\AdwCleaner[S29].txt [2015-05-01 1533]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\*WerKernelReporting]
C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 415232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-03-16 129272]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2015-03-24 726320]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\Petr\Desktop\OTM.exe [2015-05-01 522240]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-01 14:06:18 ----D---- C:\_OTM
2015-05-01 08:35:26 ----SHD---- C:\Config.Msi
2015-04-25 20:30:21 ----D---- C:\ProgramData\Riot Games
2015-04-25 20:26:36 ----D---- C:\Riot Games
2015-04-19 23:50:44 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-04-19 23:31:55 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-19 22:09:23 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-04-19 21:39:39 ----N---- C:\bootsqm.dat
2015-04-19 21:38:29 ----SHD---- C:\found.000
2015-04-17 16:22:40 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-04-17 16:22:38 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2015-04-16 20:04:33 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvopencl.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvdispgenco6435012.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvdispco6435012.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvoglv64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvinitx.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\NvIFR64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\NvFBC64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcuvid.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcuda.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcompiler.dll
2015-04-16 19:46:46 ----D---- C:\Users\Administrátor\AppData\Roaming\Avira
2015-04-16 19:29:47 ----D---- C:\Program Files (x86)\Ubisoft
2015-04-16 14:49:07 ----D---- C:\Users\Administrátor\AppData\Roaming\GetRightToGo
2015-04-16 14:32:45 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2015-04-16 14:32:45 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-04-16 14:32:44 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-04-16 14:32:44 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-04-16 14:28:07 ----D---- C:\ProgramData\Avira
2015-04-16 14:28:07 ----D---- C:\Program Files (x86)\Avira
2015-04-15 16:58:44 ----D---- C:\ProgramData\CheckPoint
2015-04-15 10:33:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 10:33:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:33:27 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\smss.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 10:33:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 10:33:26 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 10:33:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:33:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:33:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wups.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:31:46 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 10:31:46 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 10:31:46 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 16:15:29 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 16:15:29 ----SD---- C:\Windows\system32\GWX

======List of files/folders modified in the last 1 month======

2015-05-01 14:23:42 ----D---- C:\Windows\temp
2015-05-01 14:23:40 ----D---- C:\Program Files\trend micro
2015-05-01 14:14:59 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-01 14:10:59 ----D---- C:\ProgramData\NVIDIA
2015-05-01 14:07:10 ----D---- C:\Windows\system32\config
2015-05-01 14:06:56 ----D---- C:\Windows\System32
2015-05-01 14:06:20 ----D---- C:\Windows\Tasks
2015-05-01 11:28:05 ----RD---- C:\Program Files (x86)
2015-05-01 11:24:23 ----D---- C:\AdwCleaner
2015-05-01 08:35:50 ----SHD---- C:\Windows\Installer
2015-05-01 08:34:49 ----D---- C:\Windows\system32\drivers
2015-05-01 08:34:48 ----D---- C:\Windows\system32\DriverStore
2015-05-01 08:34:48 ----D---- C:\Windows\inf
2015-05-01 08:34:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-30 19:51:28 ----D---- C:\Windows\Prefetch
2015-04-29 18:13:24 ----D---- C:\Program Files (x86)\Steam
2015-04-29 14:16:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-28 23:07:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-25 20:50:06 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-25 20:30:21 ----D---- C:\ProgramData
2015-04-25 20:27:16 ----SHD---- C:\System Volume Information
2015-04-25 20:27:02 ----D---- C:\Windows\Logs
2015-04-21 15:57:41 ----D---- C:\Windows\system32\Tasks
2015-04-21 15:57:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 23:51:02 ----D---- C:\Windows
2015-04-19 23:46:24 ----D---- C:\Users\Administrátor\AppData\Roaming\vlc
2015-04-19 21:52:37 ----D---- C:\Windows\debug
2015-04-18 21:44:57 ----D---- C:\Windows\SysWOW64
2015-04-18 13:34:46 ----D---- C:\Windows\rescache
2015-04-18 13:30:52 ----D---- C:\Windows\AppCompat
2015-04-17 21:05:08 ----RSD---- C:\Windows\assembly
2015-04-17 16:22:38 ----D---- C:\Windows\system32\LogFiles
2015-04-16 20:05:03 ----D---- C:\ProgramData\NVIDIA Corporation
2015-04-16 20:04:42 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-04-16 19:31:37 ----D---- C:\Windows\system32\catroot
2015-04-16 17:50:38 ----D---- C:\Windows\Microsoft.NET
2015-04-16 14:26:28 ----D---- C:\Windows\winsxs
2015-04-15 23:30:14 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 23:30:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-15 23:30:14 ----D---- C:\Windows\system32\cs-CZ
2015-04-15 23:30:14 ----D---- C:\Windows\system32\appraiser
2015-04-15 23:30:14 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 23:30:14 ----D---- C:\Windows\AppPatch
2015-04-15 23:30:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 23:30:07 ----D---- C:\Windows\system32\en-US
2015-04-15 23:30:07 ----D---- C:\Program Files\Internet Explorer
2015-04-15 23:30:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 16:57:53 ----D---- C:\ProgramData\Package Cache
2015-04-15 10:42:58 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 10:42:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 10:39:59 ----D---- C:\Windows\system32\MRT
2015-04-15 10:37:18 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 10:32:08 ----D---- C:\Windows\system32\catroot2
2015-04-12 09:57:12 ----D---- C:\ProgramData\Norton
2015-04-11 21:11:37 ----D---- C:\Program Files\Common Files
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\OpenCL.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvapi64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvcpl.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvshext.dll
2015-04-08 23:30:13 ----A---- C:\Windows\system32\nvmctray.dll
2015-04-04 19:25:17 ----D---- C:\Windows\system32\wbem
2015-04-03 09:47:34 ----SHD---- C:\$RECYCLE.BIN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-19 136408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-02-06 564824]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-03-24 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-03-24 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-06 283200]
R1 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2015-04-14 107736]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-03-24 128536]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-24 44088]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-01-02 42696]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-14 3962840]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-12-08 64624]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-05 195728]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-01-20 888536]
S1 FldSafe;FldSafe; C:\Windows\system32\DRIVERS\FldSafe.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-01-02 310728]
S3 awabfn66;awabfn66; C:\Windows\system32\drivers\awabfn66.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2013-04-29 47632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2015-03-24 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2015-03-24 434424]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-03-16 201008]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-04-08 936264]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-04-17 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-04-08 410952]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2015-03-24 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2015-03-24 1004280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-14 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 107912]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 107912]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-28 148080]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-25 1903472]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119677
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe NETWORK SERVICE

#6 Post by Rudy »

Double-click the file C:\Program Files\trend micro\Administrátor.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: linkscanner - (no CLSID) - (no file)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Mortiz696
Visitor
Posts: 76
Joined: 29 Jan 2014 19:24

Re: conhost.exe NETWORK SERVICE

#7 Post by Mortiz696 »

Done. I'm attaching a new RSIT log. Also, when I opened OTM, some log popped up, so I'm attaching that too. However, that damned conhost.exe still keeps appearing and disappearing here, but it's no longer as fast; I don't know why, but it stays around for longer.

All processes killed
========== FILES ==========
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0408ca3c18acf.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d042c2adf2cc5.job moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c3c77255-42c0-499f-b664-6e981a0b1647}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3c77255-42c0-499f-b664-6e981a0b1647}\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrátor
->Temp folder emptied: 5556634 bytes
->Temporary Internet Files folder emptied: 146484460 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 5509357 bytes
->Flash cache emptied: 506 bytes

User: Administr�tor

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: OEM
->Temp folder emptied: 0 bytes

User: Petr
->Temp folder emptied: 204189550 bytes
->Temporary Internet Files folder emptied: 129377436 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 10458773 bytes
->Flash cache emptied: 528 bytes

User: Public
->Temp folder emptied: 0 bytes

User: TATA
->Temp folder emptied: 326600 bytes
->Temporary Internet Files folder emptied: 1685850 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 1877 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 45763952 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6944 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 58471427 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 580,00 mb


[EMPTYFLASH]

User: Administrátor
->Flash cache emptied: 0 bytes

User: Administr�tor

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: OEM

User: Petr
->Flash cache emptied: 0 bytes

User: Public

User: TATA
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 05012015_140618

Files moved on Reboot...
File move failed. C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\9e53cac1f699e676ccc302d9cb5a5f_fce8395c8fd8a861_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Petr\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\9e53cac1f699e676ccc302d9cb5a5f_fce8395c8fd8a861_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Petr\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll moved successfully.
File move failed. C:\Users\Petr\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...













Logfile of random's system information tool 1.10 (written by random/random)
Run by Administrátor at 2015-05-01 20:44:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 1276 GB (67%) free of 1908 GB
Total RAM: 8175 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:44:22, on 1.5.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Administrátor.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKCU\..\RunOnce: [Report] \AdwCleaner\AdwCleaner[S29].txt
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - http://assets.photobox.com/assets/v/ra3 ... _0fSS8.cab
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} - https://carina.cd.cz/dwa85W.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - https://carina.cd.cz/dwa7W.cab
O18 - Protocol: abs - {E00957BD-D0E1-4EB9-A025-7743FDC8B27B} - mscoree.dll (file missing)
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 7029 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_000006c4
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /connectToHost
"C:\Windows\system32\taskmgr.exe" /1
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4816 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1492778448-2556657456-2968204072-10026_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1492778448-2556657456-2968204072-10026 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540

"C:\Users\Petr\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "210691187816909899291755738094-752806931494606800148918135311705551351923782362
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" b58d72f4-5579-456b-8212-6a6ca03df70d 1
\??\C:\Windows\system32\conhost.exe "-345269342-1084239725-16008068211503910231182257170-1202738636-348736186-114378970
C:\Windows\system32\WerFault.exe -u -p 4640 -s 828

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Acrobat Update Task.job - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Administrátor\AppData\Roaming\Mozilla\Firefox\Profiles\aoprsa0j.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.75.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.75.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
NPOFF12.DLL
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2015-02-13 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-02-13 211880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-09 13672152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"*WerKernelReporting"=C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 415232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Report"=\AdwCleaner\AdwCleaner[S29].txt [2015-05-01 1533]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\*WerKernelReporting]
C:\Windows\SYSTEM32\WerFault.exe [2009-07-14 415232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-03-16 129272]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2015-03-24 726320]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=60

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-01 20:44:18 ----D---- C:\rsit
2015-05-01 08:35:26 ----SHD---- C:\Config.Msi
2015-04-25 20:30:21 ----D---- C:\ProgramData\Riot Games
2015-04-25 20:26:36 ----D---- C:\Riot Games
2015-04-19 23:50:44 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-04-19 23:31:55 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-19 22:09:23 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-04-19 21:38:29 ----SHD---- C:\found.000
2015-04-17 16:22:40 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-04-17 16:22:38 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2015-04-16 20:04:33 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-04-16 20:01:31 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvopencl.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvdispgenco6435012.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\nvdispco6435012.dll
2015-04-16 20:01:31 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-04-16 20:01:30 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvoglv64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvinitx.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\NvIFR64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\NvFBC64.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcuvid.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcuda.dll
2015-04-16 20:01:30 ----A---- C:\Windows\system32\nvcompiler.dll
2015-04-16 19:46:46 ----D---- C:\Users\Administrátor\AppData\Roaming\Avira
2015-04-16 19:29:47 ----D---- C:\Program Files (x86)\Ubisoft
2015-04-16 14:49:07 ----D---- C:\Users\Administrátor\AppData\Roaming\GetRightToGo
2015-04-16 14:32:45 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2015-04-16 14:32:45 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-04-16 14:32:44 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-04-16 14:32:44 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-04-16 14:28:07 ----D---- C:\ProgramData\Avira
2015-04-16 14:28:07 ----D---- C:\Program Files (x86)\Avira
2015-04-15 16:58:44 ----D---- C:\ProgramData\CheckPoint
2015-04-15 10:33:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 10:33:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:33:27 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 10:33:27 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 10:33:26 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\smss.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 10:33:26 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 10:33:26 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 10:33:26 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 10:33:26 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 10:33:25 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 10:33:25 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 10:33:21 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 10:33:20 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 10:33:19 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 10:33:19 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 10:33:18 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 10:33:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 10:33:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 10:33:17 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 10:33:17 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 10:33:16 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 10:33:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 10:33:16 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 10:33:15 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 10:33:15 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 10:33:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 10:33:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 10:33:13 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 10:33:12 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 10:33:10 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wups.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 10:33:10 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 10:31:46 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 10:31:46 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 10:31:46 ----A---- C:\Windows\system32\clfs.sys
2015-04-04 16:15:29 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-04 16:15:29 ----SD---- C:\Windows\system32\GWX

======List of files/folders modified in the last 1 month======

2015-05-01 20:44:22 ----D---- C:\Windows\temp
2015-05-01 20:44:20 ----D---- C:\Program Files\trend micro
2015-05-01 20:37:52 ----D---- C:\Windows\system32\config
2015-05-01 20:37:49 ----D---- C:\Windows\Prefetch
2015-05-01 20:36:37 ----A---- C:\Windows\SYSWOW64\log.txt
2015-05-01 20:32:54 ----D---- C:\ProgramData\NVIDIA
2015-05-01 20:27:56 ----D---- C:\Windows
2015-05-01 14:06:56 ----D---- C:\Windows\System32
2015-05-01 14:06:20 ----D---- C:\Windows\Tasks
2015-05-01 11:28:05 ----RD---- C:\Program Files (x86)
2015-05-01 11:24:23 ----D---- C:\AdwCleaner
2015-05-01 08:35:50 ----SHD---- C:\Windows\Installer
2015-05-01 08:34:49 ----D---- C:\Windows\system32\drivers
2015-05-01 08:34:48 ----D---- C:\Windows\system32\DriverStore
2015-05-01 08:34:48 ----D---- C:\Windows\inf
2015-05-01 08:34:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-29 18:13:24 ----D---- C:\Program Files (x86)\Steam
2015-04-29 14:16:35 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-28 23:07:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-25 20:50:06 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-25 20:30:21 ----D---- C:\ProgramData
2015-04-25 20:27:16 ----SHD---- C:\System Volume Information
2015-04-25 20:27:02 ----D---- C:\Windows\Logs
2015-04-21 15:57:41 ----D---- C:\Windows\system32\Tasks
2015-04-21 15:57:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-19 23:46:24 ----D---- C:\Users\Administrátor\AppData\Roaming\vlc
2015-04-19 21:52:37 ----D---- C:\Windows\debug
2015-04-18 21:44:57 ----D---- C:\Windows\SysWOW64
2015-04-18 13:34:46 ----D---- C:\Windows\rescache
2015-04-18 13:30:52 ----D---- C:\Windows\AppCompat
2015-04-17 21:05:08 ----RSD---- C:\Windows\assembly
2015-04-17 16:22:38 ----D---- C:\Windows\system32\LogFiles
2015-04-16 20:05:03 ----D---- C:\ProgramData\NVIDIA Corporation
2015-04-16 20:04:42 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-04-16 19:31:37 ----D---- C:\Windows\system32\catroot
2015-04-16 17:50:38 ----D---- C:\Windows\Microsoft.NET
2015-04-16 14:26:28 ----D---- C:\Windows\winsxs
2015-04-15 23:30:14 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 23:30:14 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-04-15 23:30:14 ----D---- C:\Windows\system32\cs-CZ
2015-04-15 23:30:14 ----D---- C:\Windows\system32\appraiser
2015-04-15 23:30:14 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 23:30:14 ----D---- C:\Windows\AppPatch
2015-04-15 23:30:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 23:30:07 ----D---- C:\Windows\system32\en-US
2015-04-15 23:30:07 ----D---- C:\Program Files\Internet Explorer
2015-04-15 23:30:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 16:57:53 ----D---- C:\ProgramData\Package Cache
2015-04-15 10:42:58 ----D---- C:\ProgramData\Microsoft Help
2015-04-15 10:42:04 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 10:39:59 ----D---- C:\Windows\system32\MRT
2015-04-15 10:37:18 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 10:32:08 ----D---- C:\Windows\system32\catroot2
2015-04-12 09:57:12 ----D---- C:\ProgramData\Norton
2015-04-11 21:11:37 ----D---- C:\Program Files\Common Files
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-04-09 02:58:18 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\OpenCL.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58:18 ----A---- C:\Windows\system32\nvapi64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30:18 ----A---- C:\Windows\system32\nvcpl.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30:14 ----A---- C:\Windows\system32\nvshext.dll
2015-04-08 23:30:13 ----A---- C:\Windows\system32\nvmctray.dll
2015-04-04 19:25:17 ----D---- C:\Windows\system32\wbem
2015-04-03 09:47:34 ----SHD---- C:\$RECYCLE.BIN

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-19 136408]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-02-06 564824]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-03-24 132120]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-03-24 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-06 283200]
R1 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2015-04-14 107736]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-03-24 128536]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-03-24 44088]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2015-01-02 42696]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-14 3962840]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-04-14 25816]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-04-14 63704]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-12-08 64624]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-11-19 181248]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-05 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-01-20 888536]
S1 FldSafe;FldSafe; C:\Windows\system32\DRIVERS\FldSafe.sys []
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2015-01-02 310728]
S3 ascmr16s;ascmr16s; C:\Windows\system32\drivers\ascmr16s.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 gdrv;gdrv; C:\Windows\system32\drivers\gdrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-07-29 29720]
S3 Prot6Flt;Prot6Flt; C:\Windows\system32\DRIVERS\Prot6Flt.sys []
S3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2013-04-29 47632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2015-03-24 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2015-03-24 434424]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-03-16 201008]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-05 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-04-14 1080120]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-04-14 1871160]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-04-08 936264]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-04-17 76888]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-04-08 410952]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2015-03-24 815920]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2015-03-24 1004280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-04-14 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 107912]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-04 107912]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-28 148080]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-12-25 1903472]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe NETWORK SERVICE

#8 Post by Rudy »

Well, it has to run, because it is a system file. Details here: http://translate.google.cz/translate?hl ... rev=search . The log is OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Mortiz696
Visitor
Posts: 76
Registered: 29 Jan 2014 19:24

Re: conhost.exe NETWORK SERVICE

#9 Post by Mortiz696 »

So I installed an older version of the driver and the problem is gone; the process is steady and stable. I fully understand that the conhost.exe process is harmless in itself, but a process switching off and on over and over like a machine gun did not seem like a normal state to me. Thank you for the help with cleaning up the computer; it runs as if it were new.

Rudy
Site Admin
Posts: 119677
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: conhost.exe NETWORK SERVICE

#10 Post by Rudy »

Network services run through it. Something was probably logging on to the network. The main thing is that it is solved. You're welcome! :)

Locked