Dobrý deň,
včera som natrafila zrejme na zavírenú stránku. Zrazu sa mi spustil príkazový priadok, spravilo mi tam nejakú operáciu, tuším niekde na C disku a potom sa mi sám od seba nainštaloval prehliadač Opera. Keď sa nainštaloval, hneď sa otvoril a potom mi pribudli ďalšie 2 divné programy. Okamžite som to odinštalovala. Následne mi spustilo nejaký program na ochranu PC, ktorý som tam nikdy nemala a začal skenovať PC. Okamžite som to zrušila a medzitým pribudli ďalšie 2 divné programy. Nakoniec som všetko odinštalovala, no PC sa načítava pomaly, keď sa načíta vyhodí na plochu hlášku, že načítava sa pracovná plocha, čo nikdy pred tým nerobilo. V dolnej lište mi pribudla modrá ikonka e (prikladám obrázok) ktorú som tam nikdy nemala. Neviem to otvoriť ani v ovládacom panely medzi programami nič také nie je. Chcem vás poprosiť o kontrolu logu, či v PC je nejaký vírus alebo niečo škodlivé.
Log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by asus at 2015-05-08 10:11:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (14%) free of 200 GB
Total RAM: 8131 MB (80% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:11:43, on 8. 5. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files (x86)\XTab\cmdshell.exe
C:\Program Files (x86)\XTab\HPNotify.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\asus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=dsp ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=dsp ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [YTDownloader] "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Metal Maker - Unknown owner - C:\Program Files (x86)\Metal Maker\updateMetalMaker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - SysTool PasSame LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10128 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Explorer.EXE
taskeng.exe {289F1ADE-6B1E-48EB-B63F-62E7482D9259}
taskeng.exe {0BB10B1B-2F02-4815-A4E5-14EA2A833127}
"C:\Program Files (x86)\ASUS\APRP\aprp.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\XTab\ProtectService.exe"
"C:\Program Files (x86)\XTab\cmdshell.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe"
HPNotify.exe -run
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-14f50b4f-d72a-48a9-9071-471c3774682c -SystemEventPortName:HostProcess-26683394-0aab-490f-946b-94bd764f4f47 -IoCancelEventPortName:HostProcess-7cb58a00-c5ba-47b6-9aa7-1ede8eaca3d9 -NonStateChangingEventPortName:HostProcess-06fb52c5-7197-4771-ac01-9fe9fbc269dc -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:18d99dd6-7297-4dce-a311-1d481df925c4 -DeviceGroupId:
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\asus\AppData\Local\Steam\htmlcache" -steampid 3584 -buildid 1428965940 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="272.0.1027763886\544444718" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42,51 --gpu-vendor-id=0x10de --gpu-device-id=0x0fc6 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Enabled/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=272 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="272.8.1725250243\62277533" /prefetch:673131151
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Users\asus\Downloads\RSITx64 (2).exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\BYAIAMUF.job - C:\Users\asus\AppData\Roaming\BYAIAMUF.exe /infocmdline=Zk944nwd8dpmZiSVJ9syIziRvJyG8RlpV5GzR6BLz0p+jTtIoZJkMdKkWNW3L58j4fOdt00WMlVDM33wf1DUTvX+wEBy1+7AYoneB/axgevxlcSWnDzY4mwbUy49r9I3wk47DqtEblWTRs6t6Si3XIAkvrwz/Q15rzUu22kuN1UzjgfcCzfJvg1gf9eQKp7B5FvK2R/fiMdd1RD6frG91UYd2yXwzrn6Ek8z6NN1qKGdTpKhl72en65fPCfNxVW7qrCVmc7Tvl09ajq/p/SIlNIJKNwh0O5qzmMRkBGY8ouqy32fEzLeESE739suwlaR/pVe2MVyUIduJhgZmC/3JanDIAUemw2jScGMIFapC4OK5RUFHrggfChqixtrcIkZFpD+rq7hYPZC4HZOb0TGtYCY81Bk1XL/5LDSVzH7HqDBIcsBVGlP7StfFcxMET5ow+qC7OuldWgXJzhiRDLiLcQUtFrQr+MbtKEn96GypnKYhMGt13pWRp1o5QfjHRRgsZkLutK+wRg09MBTdV6esMVJAnVrHQ18v7KwLAnjHLQ6qygpZwcc4FRKmt288xLM80NNLghoNjL7A5LleUPNwEK91s0rHvKmd83SdnKb64/+DklNpVBvfiP1S7ufH9ZR3T06y0c1dfgiSyZsKto8dEXbr5D/fQu+D2xz3adWKyg=
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\Windows\tasks\GNOK.job - C:\Users\asus\AppData\Roaming\GNOK.exe /infocmdline=emO1mktr9Obaei92XMF1dC5lbAn/0WJHuEG4eiX2spWq2c+vZXHXu63j1G+2rENGAwS0p1z76qZsvo7LgQRLrqxkWIpk/c52I2M2UY3csISE4QehA2gleFHfrxoZfG9TL/klrgDp8WMDVFcJ5n5Tqol8oSiCuSkn0eBvjDTZzm4Cume6LYtwgI0rXkOudoJMOhCFyn6fnL25aTB6r/7RVJd6HfYqtZsP6G/utDmEpCRQa/meBwpsR8Y7E5N+tRjLQQ7TdUUwrpKwrPi5mfy5Cm/ifU7HcT398XHFLV7viLJ4Ki9MLWO8tYb9hPfvvAbhHQY2yJ/oDdoJrdqirR6j5ZmQ7+iHydvjvt3SX/Mcq39fHn7+5rLcvQYFsws6aNnsPVR9WJr9K63TIOPEbhZyZtZ+BEEAU+npIVtVk+IdtweH4isV9oF5rQY6WKkJRHj3Di2+IVBbpRqSQKqNDy7V896LpC9CiW+17TE8S7vtPT0ICRF9hIXCVSeiCC4WZGHH
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
prefs.js - "browser.search.useDBForOrder" - true
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\
sweetsearch@gmail.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-17 545264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-17 193520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-04 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-04 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-11-20 6846096]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2015-04-14 2889408]
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]
"OrderReminder"=C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-01-30 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
"YTDownloader"=C:\Program Files (x86)\YTDownloader\YTDownloader.exe /boot []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 10:11:42 ----A---- C:\Windows\system32\drivers\IOMap64.sys
2015-05-08 00:38:12 ----D---- C:\ProgramData\Reimage Protector
2015-05-08 00:38:01 ----D---- C:\Program Files\Reimage
2015-05-08 00:37:21 ----A---- C:\Windows\Reimage.ini
2015-05-08 00:00:06 ----A---- C:\Windows\system32\drivers\{3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64.sys
2015-05-07 23:59:04 ----D---- C:\Users\asus\AppData\Roaming\MiniGet
2015-05-07 23:59:03 ----D---- C:\Program Files (x86)\MiniGet
2015-05-07 23:58:34 ----D---- C:\Program Files (x86)\Metal Maker
2015-05-07 23:54:16 ----D---- C:\Users\asus\AppData\Roaming\Opera Software
2015-05-07 23:53:53 ----D---- C:\Program Files (x86)\Opera
2015-05-07 23:52:56 ----A---- C:\Users\asus\AppData\Roaming\GNOK.exe
2015-05-07 23:52:27 ----D---- C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-05-07 23:52:25 ----A---- C:\Users\asus\AppData\Roaming\BYAIAMUF.exe
2015-05-07 23:52:10 ----D---- C:\Program Files (x86)\globalUpdate
2015-05-07 23:51:46 ----D---- C:\ProgramData\IHProtectUpDate
2015-05-07 23:51:45 ----D---- C:\Program Files (x86)\XTab
2015-05-07 23:51:40 ----D---- C:\ProgramData\WindowsMangerProtect
2015-04-28 08:45:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-19 15:18:22 ----D---- C:\ProgramData\ThinkBuzan
2015-04-19 15:18:22 ----D---- C:\ProgramData\JSoft
2015-04-19 15:18:02 ----SHD---- C:\AI_RecycleBin
2015-04-19 15:18:02 ----D---- C:\Program Files (x86)\ThinkBuzan
2015-04-15 17:31:16 ----D---- C:\Windows\system32\appraiser
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wups.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 08:03:04 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 08:03:04 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-15 08:03:03 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 08:03:02 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 08:02:59 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 08:02:59 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 08:02:57 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 08:02:57 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 08:02:56 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 08:02:56 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 08:02:52 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\smss.exe
2015-04-15 08:02:51 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 08:02:51 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 08:02:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 08:02:51 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 08:02:50 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 08:02:50 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 08:02:41 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 08:02:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 08:02:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 08:02:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 08:02:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 08:02:37 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 08:02:37 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 08:02:36 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 08:02:35 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 08:02:35 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 08:02:34 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 08:02:34 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 08:02:33 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 08:02:33 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 08:02:33 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 08:02:31 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 08:02:31 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 08:02:30 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 08:02:27 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 08:02:27 ----A---- C:\Windows\system32\clfs.sys
2015-04-15 08:02:26 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
======List of files/folders modified in the last 1 month======
2015-05-08 10:11:42 ----D---- C:\Windows\system32\drivers
2015-05-08 10:11:40 ----D---- C:\Program Files\trend micro
2015-05-08 10:11:36 ----D---- C:\Windows\Temp
2015-05-08 10:09:51 ----D---- C:\Program Files (x86)\Steam
2015-05-08 10:09:41 ----D---- C:\Windows\System32
2015-05-08 10:08:51 ----D---- C:\ProgramData\NVIDIA
2015-05-08 00:49:46 ----D---- C:\Windows\system32\config
2015-05-08 00:48:31 ----D---- C:\Windows\inf
2015-05-08 00:48:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-08 00:46:23 ----RD---- C:\Program Files (x86)
2015-05-08 00:46:20 ----D---- C:\Windows\Tasks
2015-05-08 00:46:20 ----D---- C:\Windows\system32\Tasks
2015-05-08 00:38:12 ----HD---- C:\ProgramData
2015-05-08 00:38:01 ----RD---- C:\Program Files
2015-05-08 00:37:21 ----D---- C:\Windows
2015-05-08 00:35:26 ----HD---- C:\Windows\system32\GroupPolicy
2015-05-08 00:35:26 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2015-05-08 00:33:08 ----A---- C:\Windows\win.ini
2015-05-08 00:32:16 ----D---- C:\Windows\SysWOW64
2015-05-08 00:24:30 ----D---- C:\Windows\system32\catroot2
2015-05-08 00:06:41 ----D---- C:\Program Files\Common Files\System
2015-05-08 00:01:01 ----SHD---- C:\Windows\Installer
2015-05-07 23:59:43 ----SHD---- C:\System Volume Information
2015-05-07 23:51:59 ----D---- C:\Windows\Prefetch
2015-05-01 12:14:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-25 15:23:26 ----D---- C:\Users\asus\AppData\Roaming\vlc
2015-04-25 15:22:53 ----D---- C:\Users\asus\AppData\Roaming\dvdcss
2015-04-17 18:50:10 ----D---- C:\Windows\AppCompat
2015-04-15 20:09:10 ----D---- C:\Windows\rescache
2015-04-15 17:40:23 ----D---- C:\Windows\Microsoft.NET
2015-04-15 17:40:03 ----RSD---- C:\Windows\assembly
2015-04-15 17:33:26 ----D---- C:\Windows\winsxs
2015-04-15 17:31:16 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 17:31:16 ----SD---- C:\ProgramData\Microsoft
2015-04-15 17:31:16 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-15 17:31:16 ----D---- C:\Windows\system32\wbem
2015-04-15 17:31:16 ----D---- C:\Windows\system32\sk-SK
2015-04-15 17:31:16 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 17:31:16 ----D---- C:\Windows\AppPatch
2015-04-15 17:31:15 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 17:31:15 ----D---- C:\Windows\system32\en-US
2015-04-15 17:31:15 ----D---- C:\Program Files\Internet Explorer
2015-04-15 17:31:15 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 15:14:46 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 15:12:58 ----D---- C:\Windows\system32\MRT
2015-04-15 15:03:59 ----A---- C:\Windows\system32\MRT.exe
2015-04-13 21:15:32 ----SD---- C:\Users\asus\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 {3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64;{3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64; C:\Windows\system32\drivers\{3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64.sys [2015-05-07 48784]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-11-21 4213904]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-03-12 64624]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2013-01-25 23680]
S3 cpuz134;cpuz134; \??\C:\Users\asus\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;Sony so0103 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2015-04-20 158816]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-25 66872]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-01-14 7410024]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2015-05-07 337064]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-05-07 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22 116648]
S2 Update Metal Maker;Update Metal Maker; C:\Program Files (x86)\Metal Maker\updateMetalMaker.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-05-07 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-28 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu, sťahuje mi podozrivé programy
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu logu, sťahuje mi podozrivé programy
- Přílohy
-
- Bez názvu.jpg (16.63 KiB) Zobrazeno 1116 x
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Zdravim 
Minule jste kontrolu nedokoncila. Ma cenu se tim zabyvat?
Dokoncite to tentokrat?
Jinak havet tam je
Minule jste kontrolu nedokoncila. Ma cenu se tim zabyvat?
Dokoncite to tentokrat?Jinak havet tam je
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Som si toho vedomá. Určite ju dokončím. Prosím pomôžte mi.
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Dobra tedy 
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Postupujte podle navodu kolegy
Postupujte podle navodu kolegy
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Postupujte podle navodu kolegy
vyosek píše:
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Postupujte podle navodu kolegy
vyosek píše:
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
1.
# AdwCleaner v4.203 - Log vytvorený 08/05/2015 at 10:41:45
# Aktualizované 30/04/2015 by Xplode
# Databáza : 2015-05-05.1 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x64)
# Uživateľské meno : asus - ASUS-PC
# Spustené z : C:\Users\asus\Desktop\adwcleaner_4.203.exe
# Nastavenia : Čistenie
***** [ Služby ] *****
[#] Služba Zmazané : globalUpdate
[#] Služba Zmazané : globalUpdatem
[#] Služba Zmazané : IHProtect Service
[#] Služba Zmazané : WindowsMangerProtect
Služba Zmazané : {3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64
***** [ Súbory / Priečinky ] *****
Priečinok Zmazané : C:\MediaDrug
Priečinok Zmazané : C:\ProgramData\WindowsMangerProtect
Priečinok Zmazané : C:\ProgramData\ytd video downloader
Priečinok Zmazané : C:\ProgramData\IHProtectUpDate
Priečinok Zmazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Priečinok Zmazané : C:\Program Files (x86)\globalUpdate
Priečinok Zmazané : C:\Program Files (x86)\GreenTree Applications
Priečinok Zmazané : C:\Program Files (x86)\XTab
Priečinok Zmazané : C:\Program Files (x86)\Metal Maker
Priečinok Zmazané : C:\Users\asus\AppData\Local\Temp\Metal Maker
Priečinok Zmazané : C:\Program Files\Reimage
Priečinok Zmazané : C:\Users\asus\AppData\Local\globalUpdate
Priečinok Zmazané : C:\Users\asus\AppData\Local\PackageAware
Priečinok Zmazané : C:\Users\asus\AppData\Local\BrowserHelper
Priečinok Zmazané : C:\Users\asus\AppData\Local\MediaDrug
Priečinok Zmazané : C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaDrug
Priečinok Zmazané : C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\Extensions\sweetsearch@gmail.com
Súbor Zmazané : C:\Windows\Reimage.ini
Súbor Zmazané : C:\Windows\System32\drivers\{3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64.sys
Súbor Zmazané : C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\user.js
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_filesharefanatic.dl.tb.ask.com_0.localstorage
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_filesharefanatic.dl.tb.ask.com_0.localstorage-journal
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
***** [ Naplánované úlohy ] *****
Úloha Zmazané : globalUpdateUpdateTaskMachineCore
Úloha Zmazané : globalUpdateUpdateTaskMachineUA
Úloha Zmazané : LaunchSignup
***** [ Zástupcovia ] *****
***** [ Registre ] *****
Hodnota Zmazané : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Kľúč registra Zmazané : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Hodnota Zmazané : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Hodnota Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Dáta Obnovené : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Kľúč registra Zmazané : HKCU\Software\APN PIP
Kľúč registra Zmazané : HKCU\Software\GlobalUpdate
Kľúč registra Zmazané : HKCU\Software\HomeTab
Kľúč registra Zmazané : HKCU\Software\simplytech
Kľúč registra Zmazané : HKCU\Software\Softonic
Kľúč registra Zmazané : HKCU\Software\Reimage
Kľúč registra Zmazané : HKCU\Software\TNT2
Kľúč registra Zmazané : HKCU\Software\WajIntEnhance
Kľúč registra Zmazané : HKCU\Software\SearchProtectWS
Kľúč registra Zmazané : HKCU\Software\Crossbrowse
Kľúč registra Zmazané : HKCU\Software\SavePass1.1
Kľúč registra Zmazané : HKCU\Software\Linkey
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\Crossrider
Kľúč registra Zmazané : HKLM\SOFTWARE\AskPartnerNetwork
Kľúč registra Zmazané : HKLM\SOFTWARE\Conduit
Kľúč registra Zmazané : HKLM\SOFTWARE\GlobalUpdate
Kľúč registra Zmazané : HKLM\SOFTWARE\Iminent
Kľúč registra Zmazané : HKLM\SOFTWARE\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\SupDp
Kľúč registra Zmazané : HKLM\SOFTWARE\supWindowsMangerProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\IHProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Kľúč registra Zmazané : HKLM\SOFTWARE\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\Crossbrowse
Kľúč registra Zmazané : HKLM\SOFTWARE\SpeedBit
Kľúč registra Zmazané : HKLM\SOFTWARE\AIM Toolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\oursurfingSoftware
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-041B-0000-0000000FF1CE}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\ShopperPro
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Reimage
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\YTDownloader
Dáta Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Webové prehliadače ] *****
-\\ Internet Explorer v11.0.9600.17728
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v37.0.2 (x86 sk)
[w5tgjon3.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.searchengine.alias", "oursurfing");
[w5tgjon3.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.oursurfing.com/web/favicon.ico");
[w5tgjon3.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.searchengine.name", "oursurfing");
[w5tgjon3.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.oursurfing.com/web/?type=dspp&ts=14 ... Z340C2B1&q[...]
-\\ Google Chrome v42.0.2311.135
[C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=14 ... earchTerms}
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [9417 bajtov] - [20/11/2014 21:52:22]
AdwCleaner[R1].txt - [9477 bajtov] - [20/11/2014 21:55:05]
AdwCleaner[R2].txt - [9537 bajtov] - [20/11/2014 21:58:11]
AdwCleaner[R3].txt - [17516 bajtov] - [08/05/2015 10:41:11]
AdwCleaner[S0].txt - [10036 bajtov] - [20/11/2014 21:59:34]
AdwCleaner[S1].txt - [15429 bajtov] - [08/05/2015 10:41:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15490 bajtov] ##########
2.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.8 (05.06.2015:1)
OS: Windows 7 Home Premium x64
Ran by asus on pi 08. 05. 2015 at 10:44:24,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Metal Maker
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ai_recyclebin
~~~ FireFox
Successfully deleted the following from C:\Users\asus\AppData\Roaming\mozilla\firefox\profiles\w5tgjon3.default\prefs.js
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, amt);
user_pref(browser.search.searchengine.uid, ST2000DM001-1CH164_Z340C2B1XXXXZ340C2B1);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 08. 05. 2015 at 10:46:20,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by asus on pi 08. 05. 2015 at 10:48:26,69.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-11-23-123022.log 9284 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\prefs.js:
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
user.js not found
---- Lines Sweet modified from prefs.js ----
user_pref("extensions.enabledAddons", "sweetsearch%40gmail.com:1.0.0.1031,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.2");
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----
prefs_201508.05._1056_.backup
==== Batch Command(s) Run By Tool======================
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
==== Deleting Files \ Folders ======================
C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf not found
C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\sweetsearch@gmail.com not found
C:\PROGRA~2\MiniGet deleted
C:\Users\asus\AppData\Local\CrashRpt deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Users\asus\Downloads\android-studio-bundle-135.1641136.exe deleted
C:\Users\asus\Downloads\SoftonicDownloader_for_ytd-video-downloader.exe deleted
C:\Windows\tasks\BYAIAMUF.job deleted
C:\windows\SysNative\tasks\BYAIAMUF deleted
C:\Windows\tasks\GNOK.job deleted
C:\windows\SysNative\tasks\GNOK deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\asus\AppData\Roaming\BYAIAMUF.exe deleted
C:\Users\asus\AppData\Roaming\GNOK.exe deleted
"C:\Users\asus\AppData\Roaming\BYAIAMUF" deleted
"C:\Users\asus\AppData\Roaming\GNOK" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 42.0.2311.135
Bookmark Manager - asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
==== Chromium Fix ======================
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/"
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/"
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\asus\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\asus\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\asus\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\asus\AppData\Local\Mozilla\Firefox\Profiles\w5tgjon3.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\asus\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=17 folders=8 872296974 bytes)
==== Empty Temp Folders ======================
C:\Users\asus\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\asus\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on pi 08. 05. 2015 at 10:59:35,23 ======================
# AdwCleaner v4.203 - Log vytvorený 08/05/2015 at 10:41:45
# Aktualizované 30/04/2015 by Xplode
# Databáza : 2015-05-05.1 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x64)
# Uživateľské meno : asus - ASUS-PC
# Spustené z : C:\Users\asus\Desktop\adwcleaner_4.203.exe
# Nastavenia : Čistenie
***** [ Služby ] *****
[#] Služba Zmazané : globalUpdate
[#] Služba Zmazané : globalUpdatem
[#] Služba Zmazané : IHProtect Service
[#] Služba Zmazané : WindowsMangerProtect
Služba Zmazané : {3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64
***** [ Súbory / Priečinky ] *****
Priečinok Zmazané : C:\MediaDrug
Priečinok Zmazané : C:\ProgramData\WindowsMangerProtect
Priečinok Zmazané : C:\ProgramData\ytd video downloader
Priečinok Zmazané : C:\ProgramData\IHProtectUpDate
Priečinok Zmazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Priečinok Zmazané : C:\Program Files (x86)\globalUpdate
Priečinok Zmazané : C:\Program Files (x86)\GreenTree Applications
Priečinok Zmazané : C:\Program Files (x86)\XTab
Priečinok Zmazané : C:\Program Files (x86)\Metal Maker
Priečinok Zmazané : C:\Users\asus\AppData\Local\Temp\Metal Maker
Priečinok Zmazané : C:\Program Files\Reimage
Priečinok Zmazané : C:\Users\asus\AppData\Local\globalUpdate
Priečinok Zmazané : C:\Users\asus\AppData\Local\PackageAware
Priečinok Zmazané : C:\Users\asus\AppData\Local\BrowserHelper
Priečinok Zmazané : C:\Users\asus\AppData\Local\MediaDrug
Priečinok Zmazané : C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaDrug
Priečinok Zmazané : C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\Extensions\sweetsearch@gmail.com
Súbor Zmazané : C:\Windows\Reimage.ini
Súbor Zmazané : C:\Windows\System32\drivers\{3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64.sys
Súbor Zmazané : C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\user.js
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_filesharefanatic.dl.tb.ask.com_0.localstorage
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_filesharefanatic.dl.tb.ask.com_0.localstorage-journal
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
Súbor Zmazané : C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
***** [ Naplánované úlohy ] *****
Úloha Zmazané : globalUpdateUpdateTaskMachineCore
Úloha Zmazané : globalUpdateUpdateTaskMachineUA
Úloha Zmazané : LaunchSignup
***** [ Zástupcovia ] *****
***** [ Registre ] *****
Hodnota Zmazané : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [sweetsearch@gmail.com]
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Kľúč registra Zmazané : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Kľúč registra Zmazané : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Hodnota Zmazané : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Hodnota Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Dáta Obnovené : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Kľúč registra Zmazané : HKCU\Software\APN PIP
Kľúč registra Zmazané : HKCU\Software\GlobalUpdate
Kľúč registra Zmazané : HKCU\Software\HomeTab
Kľúč registra Zmazané : HKCU\Software\simplytech
Kľúč registra Zmazané : HKCU\Software\Softonic
Kľúč registra Zmazané : HKCU\Software\Reimage
Kľúč registra Zmazané : HKCU\Software\TNT2
Kľúč registra Zmazané : HKCU\Software\WajIntEnhance
Kľúč registra Zmazané : HKCU\Software\SearchProtectWS
Kľúč registra Zmazané : HKCU\Software\Crossbrowse
Kľúč registra Zmazané : HKCU\Software\SavePass1.1
Kľúč registra Zmazané : HKCU\Software\Linkey
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\Crossrider
Kľúč registra Zmazané : HKLM\SOFTWARE\AskPartnerNetwork
Kľúč registra Zmazané : HKLM\SOFTWARE\Conduit
Kľúč registra Zmazané : HKLM\SOFTWARE\GlobalUpdate
Kľúč registra Zmazané : HKLM\SOFTWARE\Iminent
Kľúč registra Zmazané : HKLM\SOFTWARE\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\SupDp
Kľúč registra Zmazané : HKLM\SOFTWARE\supWindowsMangerProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\IHProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Kľúč registra Zmazané : HKLM\SOFTWARE\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\Crossbrowse
Kľúč registra Zmazané : HKLM\SOFTWARE\SpeedBit
Kľúč registra Zmazané : HKLM\SOFTWARE\AIM Toolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\oursurfingSoftware
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90120000-00B2-041B-0000-0000000FF1CE}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\ShopperPro
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Reimage
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\YTDownloader
Dáta Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Webové prehliadače ] *****
-\\ Internet Explorer v11.0.9600.17728
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v37.0.2 (x86 sk)
[w5tgjon3.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.searchengine.alias", "oursurfing");
[w5tgjon3.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.searchengine.iconURL", "hxxp://www.oursurfing.com/web/favicon.ico");
[w5tgjon3.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.searchengine.name", "oursurfing");
[w5tgjon3.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.searchengine.url", "hxxp://www.oursurfing.com/web/?type=dspp&ts=14 ... Z340C2B1&q[...]
-\\ Google Chrome v42.0.2311.135
[C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=14 ... earchTerms}
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [9417 bajtov] - [20/11/2014 21:52:22]
AdwCleaner[R1].txt - [9477 bajtov] - [20/11/2014 21:55:05]
AdwCleaner[R2].txt - [9537 bajtov] - [20/11/2014 21:58:11]
AdwCleaner[R3].txt - [17516 bajtov] - [08/05/2015 10:41:11]
AdwCleaner[S0].txt - [10036 bajtov] - [20/11/2014 21:59:34]
AdwCleaner[S1].txt - [15429 bajtov] - [08/05/2015 10:41:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15490 bajtov] ##########
2.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.8 (05.06.2015:1)
OS: Windows 7 Home Premium x64
Ran by asus on pi 08. 05. 2015 at 10:44:24,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Metal Maker
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ai_recyclebin
~~~ FireFox
Successfully deleted the following from C:\Users\asus\AppData\Roaming\mozilla\firefox\profiles\w5tgjon3.default\prefs.js
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, amt);
user_pref(browser.search.searchengine.uid, ST2000DM001-1CH164_Z340C2B1XXXXZ340C2B1);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pi 08. 05. 2015 at 10:46:20,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
3.
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by asus on pi 08. 05. 2015 at 10:48:26,69.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\asus\Desktop\zoek.exe [Scan all users] [Script inserted]
==== Older Logs ======================
C:\zoek-results2014-11-23-123022.log 9284 bytes
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\prefs.js:
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
user.js not found
---- Lines Sweet modified from prefs.js ----
user_pref("extensions.enabledAddons", "sweetsearch%40gmail.com:1.0.0.1031,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.2");
---- Lines browser.startup.page removed from prefs.js ----
user_pref("browser.startup.page", 1);
---- FireFox user.js and prefs.js backups ----
prefs_201508.05._1056_.backup
==== Batch Command(s) Run By Tool======================
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
==== Deleting Files \ Folders ======================
C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf not found
C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\sweetsearch@gmail.com not found
C:\PROGRA~2\MiniGet deleted
C:\Users\asus\AppData\Local\CrashRpt deleted
C:\Users\Public\Documents\ShopperPro deleted
C:\Users\asus\Downloads\android-studio-bundle-135.1641136.exe deleted
C:\Users\asus\Downloads\SoftonicDownloader_for_ytd-video-downloader.exe deleted
C:\Windows\tasks\BYAIAMUF.job deleted
C:\windows\SysNative\tasks\BYAIAMUF deleted
C:\Windows\tasks\GNOK.job deleted
C:\windows\SysNative\tasks\GNOK deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\asus\AppData\Roaming\BYAIAMUF.exe deleted
C:\Users\asus\AppData\Roaming\GNOK.exe deleted
"C:\Users\asus\AppData\Roaming\BYAIAMUF" deleted
"C:\Users\asus\AppData\Roaming\GNOK" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 42.0.2311.135
Bookmark Manager - asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
==== Chromium Fix ======================
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/"
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com/"
"Start Page"="http://www.google.com/"
"Search Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\asus\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data copy was reset successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\asus\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\asus\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\asus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\asus\AppData\Local\Mozilla\Firefox\Profiles\w5tgjon3.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
C:\Users\asus\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=17 folders=8 872296974 bytes)
==== Empty Temp Folders ======================
C:\Users\asus\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\asus\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on pi 08. 05. 2015 at 10:59:35,23 ======================
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Nejde mi to spustiť podľa návod, ukazuje mi že trial verzia už skončila.
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Nemusite zapinat trial verzi. Na sken staci free verze. Jde hlavne o nastaveni testu - cili vlastni sken vsech disku
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum skenovania: 8. 5. 2015
Scan ??as: 12:35:12
Logfile: log.txt
Správca: áno
Verzia: 2.01.6.1022
Malware databázy: v2015.05.08.03
Rootkit databázy: v2015.04.21.01
Licencia: Zadarmo
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne
OS: Windows 7 Service Pack 1
CPU: x64
Systém súborov: NTFS
Používateľ: asus
Typ skenu: Prispôsobená kontrola
Výsledok: Dokon??ené
Objekty naskenované: 549269
Uplynulý ??as: 1 hr, 8 min 51 sekúnd
Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené
Procesy: 0
(Žiadne zákernej položky neboli zistené)
Moduly: 0
(Žiadne zákernej položky neboli zistené)
Kľú??e databázy Registry: 21
PUP.Optional.IEMultiBHO.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10E1725C-7237-41A9-954A-04DCCB1FD16C}, , [47ec662b5a30181ee0c4ee5bec1747b9],
PUP.Optional.IEMultiBHO.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10E1725C-7237-41A9-954A-04DCCB1FD16C}, , [47ec662b5a30181ee0c4ee5bec1747b9],
PUP.Optional.MetalMaker.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D1ED8AB0-4DFF-42DE-95DA-49E0537B3612}, , [70c3771a57338ea80cb213792fd440c0],
PUP.Optional.MetalMaker.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D1ED8AB0-4DFF-42DE-95DA-49E0537B3612}, , [70c3771a57338ea80cb213792fd440c0],
PUP.Optional.FFPluginHp.A, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, , [3ef5cbc691f9c86ebaebce000bf807f9],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [2d06028f850573c3a4b1eee1cd3653ad],
PUP.Optional.MetalMaker.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Metal Maker, , [a58ea1f04248a88e9caee77a22e3a45c],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv, , [e74ca9e83d4d0f276c61e9090df646ba],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [92a1622fc7c34cea08c5e1111ee5659b],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, , [6cc7c8c9dab09f97887f78e7ab5ad828],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv-ie, , [092ad3be8604f0460700d28d699c38c8],
PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv, , [3df692ff87032511a421758032d1b54b],
PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv-ie, , [56dd95fcfb8fc86ee9dc33c2c142e020],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv, , [a0930d841d6da2942674104f8085d42c],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv-ie, , [ae853061addda1953c5eb6a9eb1aa55b],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [fd36028ffa90b28403c1f86d1beaa25e],
PUP.Optional.Cinema.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [76bda5ec0e7c76c0f1dcd61c828147b9],
PUP.Optional.GeForce.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\Ge-Force-nv-ie, , [9c97cbc6d0ba48ee11f62a350bfa629e],
PUP.Optional.SavePass.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\SavePass 1.1-nv-ie, , [60d394fdaedc2f07992cd22363a0ca36],
PUP.Optional.Sense.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\Sense-nv-ie, , [6fc4d4bd206a1e18405ab9a624e15ba5],
PUP.Optional.MediaDrug.C, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\4C6927B3-61F1-4EBF-A5C7-68B60E4F40B9, , [56dd2968355586b05a422fa21ee5d32d],
Hodnoty databázy Registry: 1
PUP.Optional.MediaDrug.C, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\4C6927B3-61F1-4EBF-A5C7-68B60E4F40B9|DisplayName, MediaDrug, , [56dd2968355586b05a422fa21ee5d32d]
Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)
Prie??inky: 1
PUP.Optional.MediaDrug.C, C:\Users\asus\Music\MediaDrug, , [062d246d8901350194f506c592714ab6],
Súbory: 34
PUP.Optional.MediaDrug.C, C:\Users\asus\Downloads\Ella Henderson - Ghost.exe, , [989bc4cde8a2280e52a82d1029d915eb],
PUP.Optional.Amonetize, C:\Users\asus\Downloads\powerpoint templates recycling_10924_i51810664_il345.exe, , [c76c167bd7b375c19f35f344cd3525db],
PUP.Optional.Amonetize, C:\Users\asus\Downloads\Imindmap serial keygen_10924_i6048826_il345.exe, , [c86b672ac8c21f172ca84aed0ef420e0],
PUP.Optional.MediaDrug.C, C:\AdwCleaner\Quarantine\C\MediaDrug\mediadrug.exe.vir, , [4ce7b1e0f595290da654e25bc63c4db3],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\globalupdate.exe.vir, , [72c149482664ce68cbdabf8938ca26da],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe.vir, , [74bff0a13d4da591e6bfe06844bec739],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe.vir, , [66cd137eccbe0f279b0a1c2c649e01ff],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe.vir, , [7eb578192565b5817530be8aa2602bd5],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe.vir, , [e2516d24f694c4728d184206c73b7f81],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir, , [cb68aae7bcce36008520ae9ac73bbf41],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir, , [3cf7415066243ef8f0b51c2c1ae83bc5],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir, , [959e8a073e4c45f19015dd6bf60c768a],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir, , [34ffa0f11c6e3303881d55f3e71bd62a],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir, , [171c791890fa5cda7134ec5ce71b926e],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir, , [d75cbdd492f8cd69277eb79129d911ef],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll.vir, , [2310bfd2fa9038fec3e29aae8e74ac54],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir, , [e84b068b5c2edb5becb998b0e12117e9],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir, , [a192137e7515fe38386da4a4cb377090],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir, , [76bd4948167485b13c698ebaff031ae6],
PUP.Optional.Browserwatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir, , [5cd7850ceb9fb581a5a17890fe0825db],
PUP.Optional.Browserwatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir, , [8aa94150fa903303e06653b59c6a04fc],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir, , [0033672accbed660dbcff0545ea4fe02],
PUP.Optional.Giner, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\CmdShell.exe.vir, , [3df621700d7d01353c03de73c046a45c],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir, , [58dbace584065dd92b00f73e837fdf21],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\IeWatchDog.dll.vir, , [79ba632e06845dd9f27d2adb95715ca4],
PUP.Optional.XTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir, , [fe35a8e93753979fb98f57bd31d1f010],
PUP.Optional.Elex, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [f142c4cd612990a67d82b9bc9e622cd4],
PUP.Optional.Metalmaker.A, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64.sys.vir, , [4ce7405158329e98fe5581d081856a96],
PUP.Optional.CrossRider.A, C:\zoek_backup\C_Users_asus_AppData_Roaming_BYAIAMUF.exe.vir, , [89aa2b66e4a63afc4c785aeeb55144bc],
PUP.Optional.CrossRider.A, C:\zoek_backup\C_Users_asus_AppData_Roaming_GNOK.exe.vir, , [ea49434ec8c2b383daead672ee18a25e],
PUP.Optional.Softonic, C:\zoek_backup\C_Users_asus_Downloads_SoftonicDownloader_for_ytd-video-downloader.exe.vir, , [8ea56c2544461323157e0b51f30da957],
PUP.Optional.MindSpark.A, C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filesharefanatic.dl.myway.com_0.localstorage, , [84af177a820837ff83162640e91cee12],
PUP.Optional.MindSpark.A, C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filesharefanatic.dl.myway.com_0.localstorage-journal, , [88ab7e13503a80b6a7f2580ed82d6c94],
PUP.Optional.MediaDrug.C, C:\Users\asus\Music\MediaDrug\default.mdp, , [062d246d8901350194f506c592714ab6],
Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)
(end)
www.malwarebytes.org
Dátum skenovania: 8. 5. 2015
Scan ??as: 12:35:12
Logfile: log.txt
Správca: áno
Verzia: 2.01.6.1022
Malware databázy: v2015.05.08.03
Rootkit databázy: v2015.04.21.01
Licencia: Zadarmo
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne
OS: Windows 7 Service Pack 1
CPU: x64
Systém súborov: NTFS
Používateľ: asus
Typ skenu: Prispôsobená kontrola
Výsledok: Dokon??ené
Objekty naskenované: 549269
Uplynulý ??as: 1 hr, 8 min 51 sekúnd
Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené
Procesy: 0
(Žiadne zákernej položky neboli zistené)
Moduly: 0
(Žiadne zákernej položky neboli zistené)
Kľú??e databázy Registry: 21
PUP.Optional.IEMultiBHO.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10E1725C-7237-41A9-954A-04DCCB1FD16C}, , [47ec662b5a30181ee0c4ee5bec1747b9],
PUP.Optional.IEMultiBHO.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{10E1725C-7237-41A9-954A-04DCCB1FD16C}, , [47ec662b5a30181ee0c4ee5bec1747b9],
PUP.Optional.MetalMaker.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D1ED8AB0-4DFF-42DE-95DA-49E0537B3612}, , [70c3771a57338ea80cb213792fd440c0],
PUP.Optional.MetalMaker.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D1ED8AB0-4DFF-42DE-95DA-49E0537B3612}, , [70c3771a57338ea80cb213792fd440c0],
PUP.Optional.FFPluginHp.A, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, , [3ef5cbc691f9c86ebaebce000bf807f9],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [2d06028f850573c3a4b1eee1cd3653ad],
PUP.Optional.MetalMaker.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Metal Maker, , [a58ea1f04248a88e9caee77a22e3a45c],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv, , [e74ca9e83d4d0f276c61e9090df646ba],
PUP.Optional.Cinema.A, HKU\S-1-5-18\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [92a1622fc7c34cea08c5e1111ee5659b],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv, , [6cc7c8c9dab09f97887f78e7ab5ad828],
PUP.Optional.GeForce.A, HKU\S-1-5-18\SOFTWARE\Ge-Force-nv-ie, , [092ad3be8604f0460700d28d699c38c8],
PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv, , [3df692ff87032511a421758032d1b54b],
PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv-ie, , [56dd95fcfb8fc86ee9dc33c2c142e020],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv, , [a0930d841d6da2942674104f8085d42c],
PUP.Optional.Sense.A, HKU\S-1-5-18\SOFTWARE\Sense-nv-ie, , [ae853061addda1953c5eb6a9eb1aa55b],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [fd36028ffa90b28403c1f86d1beaa25e],
PUP.Optional.Cinema.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\CinemaP-1.9cV16.03-nv-ie, , [76bda5ec0e7c76c0f1dcd61c828147b9],
PUP.Optional.GeForce.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\Ge-Force-nv-ie, , [9c97cbc6d0ba48ee11f62a350bfa629e],
PUP.Optional.SavePass.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\SavePass 1.1-nv-ie, , [60d394fdaedc2f07992cd22363a0ca36],
PUP.Optional.Sense.A, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\Sense-nv-ie, , [6fc4d4bd206a1e18405ab9a624e15ba5],
PUP.Optional.MediaDrug.C, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\4C6927B3-61F1-4EBF-A5C7-68B60E4F40B9, , [56dd2968355586b05a422fa21ee5d32d],
Hodnoty databázy Registry: 1
PUP.Optional.MediaDrug.C, HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\4C6927B3-61F1-4EBF-A5C7-68B60E4F40B9|DisplayName, MediaDrug, , [56dd2968355586b05a422fa21ee5d32d]
Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)
Prie??inky: 1
PUP.Optional.MediaDrug.C, C:\Users\asus\Music\MediaDrug, , [062d246d8901350194f506c592714ab6],
Súbory: 34
PUP.Optional.MediaDrug.C, C:\Users\asus\Downloads\Ella Henderson - Ghost.exe, , [989bc4cde8a2280e52a82d1029d915eb],
PUP.Optional.Amonetize, C:\Users\asus\Downloads\powerpoint templates recycling_10924_i51810664_il345.exe, , [c76c167bd7b375c19f35f344cd3525db],
PUP.Optional.Amonetize, C:\Users\asus\Downloads\Imindmap serial keygen_10924_i6048826_il345.exe, , [c86b672ac8c21f172ca84aed0ef420e0],
PUP.Optional.MediaDrug.C, C:\AdwCleaner\Quarantine\C\MediaDrug\mediadrug.exe.vir, , [4ce7b1e0f595290da654e25bc63c4db3],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\globalupdate.exe.vir, , [72c149482664ce68cbdabf8938ca26da],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe.vir, , [74bff0a13d4da591e6bfe06844bec739],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe.vir, , [66cd137eccbe0f279b0a1c2c649e01ff],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe.vir, , [7eb578192565b5817530be8aa2602bd5],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe.vir, , [e2516d24f694c4728d184206c73b7f81],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir, , [cb68aae7bcce36008520ae9ac73bbf41],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir, , [3cf7415066243ef8f0b51c2c1ae83bc5],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir, , [959e8a073e4c45f19015dd6bf60c768a],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir, , [34ffa0f11c6e3303881d55f3e71bd62a],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir, , [171c791890fa5cda7134ec5ce71b926e],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir, , [d75cbdd492f8cd69277eb79129d911ef],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll.vir, , [2310bfd2fa9038fec3e29aae8e74ac54],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir, , [e84b068b5c2edb5becb998b0e12117e9],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir, , [a192137e7515fe38386da4a4cb377090],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir, , [76bd4948167485b13c698ebaff031ae6],
PUP.Optional.Browserwatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchCH.dll.vir, , [5cd7850ceb9fb581a5a17890fe0825db],
PUP.Optional.Browserwatch, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowerWatchFF.dll.vir, , [8aa94150fa903303e06653b59c6a04fc],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\BrowserAction.dll.vir, , [0033672accbed660dbcff0545ea4fe02],
PUP.Optional.Giner, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\CmdShell.exe.vir, , [3df621700d7d01353c03de73c046a45c],
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir, , [58dbace584065dd92b00f73e837fdf21],
PUP.Optional.SearchProtect, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\IeWatchDog.dll.vir, , [79ba632e06845dd9f27d2adb95715ca4],
PUP.Optional.XTab.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir, , [fe35a8e93753979fb98f57bd31d1f010],
PUP.Optional.Elex, C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir, , [f142c4cd612990a67d82b9bc9e622cd4],
PUP.Optional.Metalmaker.A, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{3bd15086-1d37-406a-8359-19d3be69d4dd}Gw64.sys.vir, , [4ce7405158329e98fe5581d081856a96],
PUP.Optional.CrossRider.A, C:\zoek_backup\C_Users_asus_AppData_Roaming_BYAIAMUF.exe.vir, , [89aa2b66e4a63afc4c785aeeb55144bc],
PUP.Optional.CrossRider.A, C:\zoek_backup\C_Users_asus_AppData_Roaming_GNOK.exe.vir, , [ea49434ec8c2b383daead672ee18a25e],
PUP.Optional.Softonic, C:\zoek_backup\C_Users_asus_Downloads_SoftonicDownloader_for_ytd-video-downloader.exe.vir, , [8ea56c2544461323157e0b51f30da957],
PUP.Optional.MindSpark.A, C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filesharefanatic.dl.myway.com_0.localstorage, , [84af177a820837ff83162640e91cee12],
PUP.Optional.MindSpark.A, C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_filesharefanatic.dl.myway.com_0.localstorage-journal, , [88ab7e13503a80b6a7f2580ed82d6c94],
PUP.Optional.MediaDrug.C, C:\Users\asus\Music\MediaDrug\default.mdp, , [062d246d8901350194f506c592714ab6],
Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)
(end)
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Vsechny nalezy nechte odstranit (nebo hodte do karanteny). Po odstraneni a restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Tento krát mi už nenašlo nič.
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
MBAM odinstalujte. Dejte novy log z RSITa k tomu
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
RSIT je tu, ešte spravím ten 2.
Logfile of random's system information tool 1.10 (written by random/random)
Run by asus at 2015-05-08 16:27:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (14%) free of 200 GB
Total RAM: 8131 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:27:45, on 8. 5. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\asus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3478229198-4246135543-1882119657-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9245 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-db81ca88-a21f-4622-a66e-c223d0d7dc4f -SystemEventPortName:HostProcess-14f91076-7d7e-462a-9c97-910dea0fcc8d -IoCancelEventPortName:HostProcess-608ed9b9-9a8e-4764-87e8-768d0b8524c7 -NonStateChangingEventPortName:HostProcess-eb367e97-bcc3-4451-afcb-8fdfcf892e90 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3323affb-b8dd-4b1f-96d6-9a7fa151ec6a -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\asus\AppData\Local\Steam\htmlcache" -steampid 2904 -buildid 1428965940 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
C:\Windows\splwow64.exe 8192
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4960.0.1579985679\1173038898" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42,51 --gpu-vendor-id=0x10de --gpu-device-id=0x0fc6 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.3.1300862309\2051765564" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.4.1223122717\1617006458" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.6.1175280571\237476382" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.17.112208802\351227277" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.23.1829317192\1365227928" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.28.1079396087\77377918" /prefetch:673131151
"C:\Users\asus\Downloads\RSITx64 (2).exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-17 545264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-17 193520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-04 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-04 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-11-20 6846096]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2015-04-14 2889408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]
"OrderReminder"=C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-01-30 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 15:04:21 ----D---- C:\Program Files (x86)\ThinkBuzan
2015-05-08 14:59:57 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-05-08 14:15:55 ----A---- C:\Windows\system32\drivers\IOMap64.sys
2015-05-08 10:59:39 ----SHD---- C:\$RECYCLE.BIN
2015-05-08 10:58:29 ----A---- C:\Windows\zoek-delete.exe
2015-05-08 10:58:28 ----D---- C:\Windows\Temp
2015-05-08 10:48:17 ----D---- C:\zoek_backup
2015-05-08 10:44:30 ----A---- C:\Windows\tweaking.com-regbackup-ASUS-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-08 10:44:26 ----D---- C:\RegBackup
2015-05-07 23:59:04 ----D---- C:\Users\asus\AppData\Roaming\MiniGet
2015-05-07 23:54:16 ----D---- C:\Users\asus\AppData\Roaming\Opera Software
2015-05-07 23:53:53 ----D---- C:\Program Files (x86)\Opera
2015-04-28 08:45:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-19 15:18:22 ----D---- C:\ProgramData\ThinkBuzan
2015-04-19 15:18:22 ----D---- C:\ProgramData\JSoft
2015-04-15 17:31:16 ----D---- C:\Windows\system32\appraiser
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wups.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 08:03:04 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 08:03:04 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-15 08:03:03 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 08:03:02 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 08:02:59 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 08:02:59 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 08:02:57 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 08:02:57 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 08:02:56 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 08:02:56 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 08:02:52 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\smss.exe
2015-04-15 08:02:51 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 08:02:51 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 08:02:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 08:02:51 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 08:02:50 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 08:02:50 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 08:02:41 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 08:02:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 08:02:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 08:02:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 08:02:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 08:02:37 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 08:02:37 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 08:02:36 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 08:02:35 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 08:02:35 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 08:02:34 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 08:02:34 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 08:02:33 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 08:02:33 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 08:02:33 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 08:02:31 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 08:02:31 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 08:02:30 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 08:02:27 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 08:02:27 ----A---- C:\Windows\system32\clfs.sys
2015-04-15 08:02:26 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
======List of files/folders modified in the last 1 month======
2015-05-08 16:27:45 ----D---- C:\Program Files\trend micro
2015-05-08 16:26:31 ----RD---- C:\Program Files (x86)
2015-05-08 16:26:31 ----D---- C:\Windows\system32\drivers
2015-05-08 15:04:33 ----SHD---- C:\Windows\Installer
2015-05-08 14:59:57 ----D---- C:\Windows\SysWOW64
2015-05-08 14:28:32 ----D---- C:\Windows\system32\config
2015-05-08 14:19:32 ----D---- C:\Windows\System32
2015-05-08 14:19:32 ----D---- C:\Windows\inf
2015-05-08 14:19:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-08 14:13:44 ----D---- C:\Program Files (x86)\Steam
2015-05-08 14:13:12 ----D---- C:\ProgramData\NVIDIA
2015-05-08 14:13:04 ----D---- C:\Windows\AppCompat
2015-05-08 10:59:00 ----D---- C:\Windows
2015-05-08 10:56:39 ----HD---- C:\Windows\system32\GroupPolicy
2015-05-08 10:56:39 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2015-05-08 10:56:39 ----D---- C:\Windows\system32\Tasks
2015-05-08 10:56:38 ----D---- C:\Windows\Tasks
2015-05-08 10:49:33 ----D---- C:\Windows\system32\drivers\etc
2015-05-08 10:42:18 ----D---- C:\AdwCleaner
2015-05-08 10:42:05 ----RD---- C:\Program Files
2015-05-08 10:42:04 ----HD---- C:\ProgramData
2015-05-08 00:33:08 ----A---- C:\Windows\win.ini
2015-05-08 00:24:30 ----D---- C:\Windows\system32\catroot2
2015-05-08 00:06:41 ----D---- C:\Program Files\Common Files\System
2015-05-07 23:59:43 ----SHD---- C:\System Volume Information
2015-05-07 23:51:59 ----D---- C:\Windows\Prefetch
2015-05-01 12:14:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-25 15:23:26 ----D---- C:\Users\asus\AppData\Roaming\vlc
2015-04-25 15:22:53 ----D---- C:\Users\asus\AppData\Roaming\dvdcss
2015-04-15 20:09:10 ----D---- C:\Windows\rescache
2015-04-15 17:40:23 ----D---- C:\Windows\Microsoft.NET
2015-04-15 17:40:03 ----RSD---- C:\Windows\assembly
2015-04-15 17:33:26 ----D---- C:\Windows\winsxs
2015-04-15 17:31:16 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 17:31:16 ----SD---- C:\ProgramData\Microsoft
2015-04-15 17:31:16 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-15 17:31:16 ----D---- C:\Windows\system32\wbem
2015-04-15 17:31:16 ----D---- C:\Windows\system32\sk-SK
2015-04-15 17:31:16 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 17:31:16 ----D---- C:\Windows\AppPatch
2015-04-15 17:31:15 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 17:31:15 ----D---- C:\Windows\system32\en-US
2015-04-15 17:31:15 ----D---- C:\Program Files\Internet Explorer
2015-04-15 17:31:15 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 15:14:46 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 15:12:58 ----D---- C:\Windows\system32\MRT
2015-04-15 15:03:59 ----A---- C:\Windows\system32\MRT.exe
2015-04-13 21:15:32 ----SD---- C:\Users\asus\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-11-21 4213904]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-03-12 64624]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2013-01-25 23680]
S3 cpuz134;cpuz134; \??\C:\Users\asus\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;Sony so0103 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-25 66872]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22 116648]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-28 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by asus at 2015-05-08 16:27:43
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 28 GB (14%) free of 200 GB
Total RAM: 8131 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:27:45, on 8. 5. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\asus.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3478229198-4246135543-1882119657-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9245 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe"
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-db81ca88-a21f-4622-a66e-c223d0d7dc4f -SystemEventPortName:HostProcess-14f91076-7d7e-462a-9c97-910dea0fcc8d -IoCancelEventPortName:HostProcess-608ed9b9-9a8e-4764-87e8-768d0b8524c7 -NonStateChangingEventPortName:HostProcess-eb367e97-bcc3-4451-afcb-8fdfcf892e90 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3323affb-b8dd-4b1f-96d6-9a7fa151ec6a -DeviceGroupId:
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\asus\AppData\Local\Steam\htmlcache" -steampid 2904 -buildid 1428965940 -steamid "0" --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE" /n /dde
C:\Windows\splwow64.exe 8192
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4960.0.1579985679\1173038898" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,19,42,51 --gpu-vendor-id=0x10de --gpu-device-id=0x0fc6 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1422 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.3.1300862309\2051765564" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.4.1223122717\1617006458" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.6.1175280571\237476382" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.17.112208802\351227277" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.23.1829317192\1365227928" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/ControlEnforce/*ExtensionInstallVerification/None/ExtensionUseSafeInstallation/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/DevHUPDecayWithHQPRelevanceScoring_Control/*PasswordGeneration/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SafeBrowsingIncidentReportingService/Enabled/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*ThrottleExtensionBackgroundPages/ThrottlePersistent/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_62/*UMA-Uniformity-Trial-10-Percent/group_07/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/UMAInitialMetricsTiming/Control/*UseDelayAgnosticAEC/Disabled/*UwSInterstitialStatus/On/*V8CacheOptions/default/*V8VerifyHeap/Disabled/*VoiceTrigger/Install/*WebRTC-ScreencastTargetBitrateOvershoot/Default/*WebRTC-SupportVP9/Default/WebRTC-UDPSocketNonBlockingIO/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=4960 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="4960.28.1079396087\77377918" /prefetch:673131151
"C:\Users\asus\Downloads\RSITx64 (2).exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-17 545264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-17 193520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-04 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-04 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-11-20 6846096]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe []
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2015-04-14 2889408]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2013-04-26 292848]
"OrderReminder"=C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-01-30 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-05-08 15:04:21 ----D---- C:\Program Files (x86)\ThinkBuzan
2015-05-08 14:59:57 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2015-05-08 14:15:55 ----A---- C:\Windows\system32\drivers\IOMap64.sys
2015-05-08 10:59:39 ----SHD---- C:\$RECYCLE.BIN
2015-05-08 10:58:29 ----A---- C:\Windows\zoek-delete.exe
2015-05-08 10:58:28 ----D---- C:\Windows\Temp
2015-05-08 10:48:17 ----D---- C:\zoek_backup
2015-05-08 10:44:30 ----A---- C:\Windows\tweaking.com-regbackup-ASUS-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-08 10:44:26 ----D---- C:\RegBackup
2015-05-07 23:59:04 ----D---- C:\Users\asus\AppData\Roaming\MiniGet
2015-05-07 23:54:16 ----D---- C:\Users\asus\AppData\Roaming\Opera Software
2015-05-07 23:53:53 ----D---- C:\Program Files (x86)\Opera
2015-04-28 08:45:07 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-19 15:18:22 ----D---- C:\ProgramData\ThinkBuzan
2015-04-19 15:18:22 ----D---- C:\ProgramData\JSoft
2015-04-15 17:31:16 ----D---- C:\Windows\system32\appraiser
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 08:03:07 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wups.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 08:03:07 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 08:03:04 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 08:03:04 ----A---- C:\Windows\system32\aitstatic.exe
2015-04-15 08:03:03 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 08:03:03 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 08:03:02 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 08:02:59 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 08:02:59 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 08:02:57 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 08:02:57 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 08:02:56 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 08:02:56 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 08:02:52 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 08:02:52 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 08:02:52 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 08:02:51 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\smss.exe
2015-04-15 08:02:51 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 08:02:51 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 08:02:51 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 08:02:51 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 08:02:51 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02:50 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 08:02:50 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 08:02:50 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 08:02:50 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 08:02:50 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02:49 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02:47 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 08:02:44 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 08:02:41 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 08:02:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 08:02:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 08:02:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 08:02:39 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 08:02:38 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 08:02:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 08:02:37 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 08:02:37 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 08:02:37 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 08:02:36 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 08:02:36 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 08:02:36 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 08:02:35 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 08:02:35 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 08:02:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 08:02:34 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 08:02:34 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 08:02:33 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 08:02:33 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 08:02:33 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 08:02:32 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 08:02:31 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 08:02:31 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 08:02:30 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 08:02:27 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 08:02:27 ----A---- C:\Windows\system32\clfs.sys
2015-04-15 08:02:26 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
======List of files/folders modified in the last 1 month======
2015-05-08 16:27:45 ----D---- C:\Program Files\trend micro
2015-05-08 16:26:31 ----RD---- C:\Program Files (x86)
2015-05-08 16:26:31 ----D---- C:\Windows\system32\drivers
2015-05-08 15:04:33 ----SHD---- C:\Windows\Installer
2015-05-08 14:59:57 ----D---- C:\Windows\SysWOW64
2015-05-08 14:28:32 ----D---- C:\Windows\system32\config
2015-05-08 14:19:32 ----D---- C:\Windows\System32
2015-05-08 14:19:32 ----D---- C:\Windows\inf
2015-05-08 14:19:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-08 14:13:44 ----D---- C:\Program Files (x86)\Steam
2015-05-08 14:13:12 ----D---- C:\ProgramData\NVIDIA
2015-05-08 14:13:04 ----D---- C:\Windows\AppCompat
2015-05-08 10:59:00 ----D---- C:\Windows
2015-05-08 10:56:39 ----HD---- C:\Windows\system32\GroupPolicy
2015-05-08 10:56:39 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2015-05-08 10:56:39 ----D---- C:\Windows\system32\Tasks
2015-05-08 10:56:38 ----D---- C:\Windows\Tasks
2015-05-08 10:49:33 ----D---- C:\Windows\system32\drivers\etc
2015-05-08 10:42:18 ----D---- C:\AdwCleaner
2015-05-08 10:42:05 ----RD---- C:\Program Files
2015-05-08 10:42:04 ----HD---- C:\ProgramData
2015-05-08 00:33:08 ----A---- C:\Windows\win.ini
2015-05-08 00:24:30 ----D---- C:\Windows\system32\catroot2
2015-05-08 00:06:41 ----D---- C:\Program Files\Common Files\System
2015-05-07 23:59:43 ----SHD---- C:\System Volume Information
2015-05-07 23:51:59 ----D---- C:\Windows\Prefetch
2015-05-01 12:14:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-25 15:23:26 ----D---- C:\Users\asus\AppData\Roaming\vlc
2015-04-25 15:22:53 ----D---- C:\Users\asus\AppData\Roaming\dvdcss
2015-04-15 20:09:10 ----D---- C:\Windows\rescache
2015-04-15 17:40:23 ----D---- C:\Windows\Microsoft.NET
2015-04-15 17:40:03 ----RSD---- C:\Windows\assembly
2015-04-15 17:33:26 ----D---- C:\Windows\winsxs
2015-04-15 17:31:16 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 17:31:16 ----SD---- C:\ProgramData\Microsoft
2015-04-15 17:31:16 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-15 17:31:16 ----D---- C:\Windows\system32\wbem
2015-04-15 17:31:16 ----D---- C:\Windows\system32\sk-SK
2015-04-15 17:31:16 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 17:31:16 ----D---- C:\Windows\AppPatch
2015-04-15 17:31:15 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-15 17:31:15 ----D---- C:\Windows\system32\en-US
2015-04-15 17:31:15 ----D---- C:\Program Files\Internet Explorer
2015-04-15 17:31:15 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 15:14:46 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 15:12:58 ----D---- C:\Windows\system32\MRT
2015-04-15 15:03:59 ----A---- C:\Windows\system32\MRT.exe
2015-04-13 21:15:32 ----SD---- C:\Users\asus\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-08-07 644968]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-08-07 28008]
R0 iusb3hcs;Ovládač prepínača hostiteľského radiča Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2013-04-26 20464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2012-08-22 15232]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-11-21 4213904]
R3 iusb3hub;Ovládač rozbočovača Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2013-04-26 368112]
R3 iusb3xhc;Ovládač hostiteľského radiča Intel(R) USB 3.0 eXtensible; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2013-04-26 786416]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-03-12 64624]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-12-19 194488]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-12-27 805088]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2013-01-25 23680]
S3 cpuz134;cpuz134; \??\C:\Users\asus\AppData\Local\Temp\cpuz134\cpuz134_x64.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;Sony so0103 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2013-05-07 936728]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-02-13 731648]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-03-12 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-03-12 366552]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-03-15 1266464]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-07-25 66872]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22 116648]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-02-13 820184]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-28 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-03 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
OK, az tu bude, sepisu mazaci skript
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Prosím o kontrolu logu, sťahuje mi podozrivé programy
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by asus (administrator) on ASUS-PC on 08-05-2015 16:58:13
Running from C:\Users\asus\Desktop
Loaded Profiles: asus & UpdatusUser (Available profiles: asus & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\asus\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [OrderReminder] => C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-01-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\...\MountPoints2: {01c22949-53b3-11e3-b8bf-806e6f6e6963} - E:\Bin\ASSETUP.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3478229198-4246135543-1882119657-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-17] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-04] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll [2014-11-26] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2014-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll [2014-11-26] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-28]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\sweetsearch@gmail.com [Not Found]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\ccf7276c-d388-480f-8835-5b680025e1ca@gmail.com [Not Found]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [Not Found]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com [Not Found]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\TTSD90021300@PYDKGV101145942.com [Not Found]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-08]
CHR Extension: (Google Docs) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-08]
CHR Extension: (Google Drive) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-08]
CHR Extension: (YouTube) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-08]
CHR Extension: (Google Search) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-08]
CHR Extension: (Google Sheets) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-08]
CHR Extension: (Bookmark Manager) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-08]
CHR Extension: (Google Wallet) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-23]
CHR Extension: (Gmail) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-07-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2013-01-25] (ASUSTeK Computer Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 cpuz134; \??\C:\Users\asus\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-08 16:58 - 2015-05-08 16:58 - 00015634 _____ () C:\Users\asus\Desktop\FRST.txt
2015-05-08 16:57 - 2015-05-08 16:58 - 00000000 ____D () C:\FRST
2015-05-08 16:54 - 2015-05-08 16:55 - 00112640 _____ (forum.viry.cz) C:\Users\asus\Desktop\FRSTLauncher.exe
2015-05-08 16:52 - 2015-05-08 16:52 - 02102272 _____ (Farbar) C:\Users\asus\Desktop\FRST64.exe
2015-05-08 16:15 - 2015-05-08 16:15 - 00030825 _____ () C:\Users\asus\Downloads\Prieskum absolventov MKD.csv
2015-05-08 15:04 - 2015-05-08 15:04 - 00002056 _____ () C:\Users\Public\Desktop\iMindMap 8.lnk
2015-05-08 15:04 - 2015-05-08 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMindMap 8
2015-05-08 15:04 - 2015-05-08 15:04 - 00000000 ____D () C:\Program Files (x86)\ThinkBuzan
2015-05-08 15:01 - 2015-05-08 15:02 - 160045632 _____ (ThinkBuzan) C:\Users\asus\Downloads\imindmap8_windows_8.0.6b (1).exe
2015-05-08 14:59 - 2015-05-08 15:04 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-05-08 14:15 - 2013-01-25 12:51 - 00023680 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2015-05-08 11:30 - 2015-05-08 11:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\asus\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-08 11:00 - 2015-05-08 11:00 - 00010406 _____ () C:\Users\asus\Desktop\zoek-results.txt
2015-05-08 10:58 - 2015-05-08 10:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-08 10:49 - 2014-11-23 14:30 - 00009284 _____ () C:\zoek-results2014-11-23-123022.log
2015-05-08 10:48 - 2015-05-08 14:12 - 00000000 ____D () C:\zoek_backup
2015-05-08 10:47 - 2015-05-08 10:47 - 01308672 _____ () C:\Users\asus\Desktop\zoek.exe
2015-05-08 10:46 - 2015-05-08 10:46 - 00001160 _____ () C:\Users\asus\Desktop\JRT.txt
2015-05-08 10:44 - 2015-05-08 10:44 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ASUS-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-08 10:44 - 2015-05-08 10:44 - 00000000 ____D () C:\RegBackup
2015-05-08 10:43 - 2015-05-08 10:43 - 00015616 _____ () C:\Users\asus\Desktop\AdwCleaner[S1].txt
2015-05-08 10:40 - 2015-05-08 10:40 - 02716843 _____ (Thisisu) C:\Users\asus\Desktop\JRT (1).exe
2015-05-08 10:36 - 2015-05-08 10:36 - 02204160 _____ () C:\Users\asus\Desktop\adwcleaner_4.203.exe
2015-05-08 10:11 - 2015-05-08 10:11 - 01222144 _____ () C:\Users\asus\Downloads\RSITx64 (2).exe
2015-05-08 00:32 - 2015-05-08 00:32 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-08 00:04 - 2015-05-08 00:04 - 00000000 __SHD () C:\Users\asus\AppData\Local\EmieUserList
2015-05-08 00:04 - 2015-05-08 00:04 - 00000000 __SHD () C:\Users\asus\AppData\Local\EmieSiteList
2015-05-08 00:04 - 2015-05-08 00:04 - 00000000 __SHD () C:\Users\asus\AppData\Local\EmieBrowserModeList
2015-05-08 00:02 - 2015-05-08 00:02 - 00003140 _____ () C:\Windows\System32\Tasks\{20599B64-6B36-442B-9F06-83FA27EE3663}
2015-05-07 23:59 - 2015-05-07 23:59 - 00000000 ____D () C:\Users\asus\AppData\Roaming\MiniGet
2015-05-07 23:54 - 2015-05-07 23:54 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Opera Software
2015-05-07 23:54 - 2015-05-07 23:54 - 00000000 ____D () C:\Users\asus\AppData\Local\Opera Software
2015-05-07 23:53 - 2015-05-08 00:04 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-07 23:45 - 2015-05-07 23:45 - 160045632 _____ (ThinkBuzan) C:\Users\asus\Downloads\imindmap8_windows_8.0.6b.exe
2015-05-07 14:19 - 2015-05-07 14:19 - 01107019 _____ () C:\Users\asus\Downloads\michaela_jotovova.rar
2015-05-07 14:09 - 2015-05-07 14:09 - 00008245 _____ () C:\Users\asus\Downloads\kalendar.aktivit@mediamatika.sk.ical.zip
2015-05-04 16:50 - 2015-05-04 16:50 - 00210395 _____ () C:\Users\asus\Downloads\posudok.xlsx
2015-05-02 13:36 - 2015-05-02 13:36 - 00098483 _____ () C:\Users\asus\Downloads\events-manager.zip
2015-04-28 08:45 - 2015-04-28 08:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-19 15:30 - 2015-05-07 23:52 - 00000000 ____D () C:\Users\asus\.thinkbuzan
2015-04-19 15:18 - 2015-05-08 15:08 - 00000000 ____D () C:\ProgramData\ThinkBuzan
2015-04-19 15:18 - 2015-05-08 15:08 - 00000000 ____D () C:\ProgramData\JSoft
2015-04-19 15:16 - 2015-04-19 15:17 - 159466840 _____ (ThinkBuzan) C:\Users\asus\Downloads\imindmap8_windows_8.0.5.exe
2015-04-18 22:13 - 2015-04-18 23:40 - 00157491 _____ () C:\Users\asus\Downloads\Prieskum zameraný na prístup k informáciám študentov MKD (odpovede).xlsx
2015-04-18 15:15 - 2015-04-18 15:25 - 1807205388 _____ () C:\Users\asus\Downloads\posledná prednáška MKD 2015.rar
2015-04-16 13:53 - 2015-04-16 13:53 - 00023801 _____ () C:\Users\asus\Downloads\Orange_doklad_FC_20150410_CN0237125166_1301121027.zip
2015-04-15 20:57 - 2015-04-15 20:57 - 08461745 _____ () C:\Users\asus\Downloads\affilak.zip
2015-04-15 17:31 - 2015-04-15 17:31 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 08:03 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 08:03 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 08:03 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 08:03 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 08:03 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 08:03 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 08:03 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 08:03 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 08:03 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 08:03 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 08:03 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 08:03 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 08:03 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 08:02 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 08:02 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 08:02 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 08:02 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 08:02 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 08:02 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 08:02 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 08:02 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 08:02 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 08:02 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 08:02 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 08:02 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 08:02 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 08:02 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 08:02 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 08:02 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 08:02 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 08:02 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 08:02 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 08:02 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 08:02 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 08:02 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 08:02 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 08:02 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 08:02 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 08:02 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 08:02 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 08:02 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 08:02 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 08:02 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 08:02 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 08:02 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 08:02 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 08:02 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 08:02 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 08:02 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 08:02 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 08:02 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 08:02 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 08:02 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 08:02 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 08:02 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 08:02 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 08:02 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 08:02 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 08:02 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 08:02 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 08:02 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 08:02 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 08:02 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 08:02 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 08:02 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 08:02 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 08:02 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 08:02 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 08:02 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 08:02 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 08:02 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 08:02 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 08:02 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 08:02 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 08:02 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 08:02 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 08:02 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 08:02 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 08:02 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 08:02 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 08:02 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 08:02 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 08:02 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 08:02 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 08:02 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 08:02 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 08:02 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 08:02 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 08:02 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 08:02 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 08:02 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 08:02 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 08:02 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 08:02 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 08:02 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 08:02 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 08:02 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 08:02 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 08:02 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 08:02 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 08:02 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 08:02 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-12 20:51 - 2015-04-12 20:51 - 00460136 _____ () C:\Users\asus\Downloads\2917_internet_ppt.zip
2015-04-12 19:04 - 2015-04-12 19:04 - 05076992 _____ () C:\Users\asus\Downloads\DP-A.Kovalova.ppt
2015-04-12 18:23 - 2015-04-12 18:23 - 03114520 _____ (CrystalGraphics, Inc.) C:\Users\asus\Downloads\PowerPlugs_Template_Finder_for_PowerPoint_V4.04_64-bit.exe
2015-04-12 18:23 - 2015-04-12 18:23 - 00481648 _____ () C:\Users\asus\Downloads\Thinking00_sb_39_CrystalGraphics.com_PowerPoint_Templates_trial.exe
2015-04-12 18:20 - 2015-04-12 18:20 - 00451896 _____ () C:\Users\asus\Downloads\Information_co_46_CrystalGraphics.com_PowerPoint_Templates_trial.exe
2015-04-12 18:17 - 2015-04-12 18:17 - 00538160 _____ () C:\Users\asus\Downloads\Mobile_phone_co_44_CrystalGraphics.com_PowerPoint_Templates_trial.exe
2015-04-11 19:11 - 2015-04-11 19:11 - 00210851 _____ () C:\Users\asus\Downloads\Orange_doklad_FR_20150408_CN0237125166_14845121007.zip
2015-04-11 16:01 - 2015-04-11 16:01 - 00560044 _____ () C:\Users\asus\Downloads\Informačná ekológia akademického prostredia (1).pptx
2015-04-11 13:11 - 2015-04-11 13:11 - 05056000 _____ () C:\Users\asus\Downloads\business-ppt-template-025.ppt
2015-04-11 13:10 - 2015-04-11 13:10 - 00580608 _____ () C:\Users\asus\Downloads\it-ppt-template-003.ppt
2015-04-11 12:54 - 2015-04-11 12:54 - 02050359 _____ () C:\Users\asus\Downloads\0000000374-smiletemplates.com.zip
2015-04-11 12:54 - 2015-04-11 12:54 - 02050359 _____ () C:\Users\asus\Downloads\0000000374-smiletemplates.com (1).zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-08 16:37 - 2014-05-23 19:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-08 16:27 - 2014-11-20 21:18 - 00000000 ____D () C:\Program Files\trend micro
2015-05-08 16:16 - 2013-11-22 22:28 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-08 16:02 - 2013-11-22 22:23 - 01237046 _____ () C:\Windows\WindowsUpdate.log
2015-05-08 14:21 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-08 14:21 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-08 14:19 - 2015-01-05 12:34 - 00588838 _____ () C:\Windows\system32\perfh01B.dat
2015-05-08 14:19 - 2015-01-05 12:34 - 00109376 _____ () C:\Windows\system32\perfc01B.dat
2015-05-08 14:19 - 2009-07-14 07:13 - 01382768 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-08 14:13 - 2014-12-25 12:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-08 14:13 - 2013-11-22 23:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-08 14:13 - 2013-11-22 22:29 - 00253396 _____ () C:\Windows\PFRO.log
2015-05-08 14:13 - 2013-11-22 22:28 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-08 14:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-08 14:13 - 2009-07-14 06:51 - 00079333 _____ () C:\Windows\setupact.log
2015-05-08 14:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-08 10:59 - 2014-11-23 14:17 - 00010406 _____ () C:\zoek-results.log
2015-05-08 10:56 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-08 10:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-05-08 10:42 - 2014-11-20 21:52 - 00000000 ____D () C:\AdwCleaner
2015-05-08 10:09 - 2014-09-11 19:02 - 00000000 ____D () C:\Users\asus\AppData\Local\Adobe
2015-05-08 10:09 - 2013-11-22 22:22 - 00001311 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-08 00:46 - 2013-11-22 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-08 00:44 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-08 00:33 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2015-05-08 00:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-08 00:04 - 2014-10-10 12:39 - 00001029 _____ () C:\Users\asus\Desktop\Mafia II.lnk
2015-05-08 00:04 - 2013-11-24 19:25 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-01 12:14 - 2014-05-04 12:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-29 10:28 - 2009-07-14 07:08 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-25 15:23 - 2013-12-04 21:03 - 00000000 ____D () C:\Users\asus\AppData\Roaming\vlc
2015-04-25 15:22 - 2013-12-04 21:05 - 00000000 ____D () C:\Users\asus\AppData\Roaming\dvdcss
2015-04-20 23:25 - 2013-11-23 21:23 - 00000000 ____D () C:\Users\asus\Documents\Ada
2015-04-19 15:30 - 2013-11-22 22:22 - 00000000 ____D () C:\Users\asus
2015-04-15 20:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-15 17:31 - 2014-05-07 08:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-04-15 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-04-15 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 15:14 - 2013-11-22 22:35 - 01341058 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 15:12 - 2014-05-03 15:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 15:03 - 2014-05-03 15:04 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2014-01-07 00:58 - 2015-01-18 17:17 - 0000600 _____ () C:\Users\asus\AppData\Roaming\winscp.rnd
2014-05-03 12:50 - 2015-01-05 14:47 - 0016896 _____ () C:\Users\asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-27 21:04 - 2015-01-27 21:04 - 0000032 RSHOT () C:\Users\asus\AppData\Local\t70rc.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-04 13:28
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:195.21 GB) (Free:27.17 GB) NTFS
Drive d: () (Fixed) (Total:1667.7 GB) (Free:358.85 GB) NTFS
Available physical RAM: 3139.45 MB
Total physical RAM: 8130.77 MB
Percentage of memory in use: 61%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4CCDF56B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1667.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\asus\Desktop" je 39 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by asus (administrator) on ASUS-PC on 08-05-2015 16:58:13
Running from C:\Users\asus\Desktop
Loaded Profiles: asus & UpdatusUser (Available profiles: asus & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\asus\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-20] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [OrderReminder] => C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-01-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-3478229198-4246135543-1882119657-1000\...\MountPoints2: {01c22949-53b3-11e3-b8bf-806e6f6e6963} - E:\Bin\ASSETUP.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3478229198-4246135543-1882119657-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-17] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-04] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll [2014-11-26] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2014-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-07-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll [2014-11-26] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-28]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\sweetsearch@gmail.com [Not Found]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\ccf7276c-d388-480f-8835-5b680025e1ca@gmail.com [Not Found]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com [Not Found]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\e9d197d59f2f45f382b1aa5c14d82@8706aaed9b904554b5cb7984e9.com [Not Found]
FF Extension: No Name - C:\Users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\w5tgjon3.default\extensions\TTSD90021300@PYDKGV101145942.com [Not Found]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-08]
CHR Extension: (Google Docs) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-08]
CHR Extension: (Google Drive) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-08]
CHR Extension: (YouTube) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-08]
CHR Extension: (Google Search) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-08]
CHR Extension: (Google Sheets) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-08]
CHR Extension: (Bookmark Manager) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-08]
CHR Extension: (Google Wallet) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-23]
CHR Extension: (Gmail) - C:\Users\asus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-07-25] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2013-01-25] (ASUSTeK Computer Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 cpuz134; \??\C:\Users\asus\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-08 16:58 - 2015-05-08 16:58 - 00015634 _____ () C:\Users\asus\Desktop\FRST.txt
2015-05-08 16:57 - 2015-05-08 16:58 - 00000000 ____D () C:\FRST
2015-05-08 16:54 - 2015-05-08 16:55 - 00112640 _____ (forum.viry.cz) C:\Users\asus\Desktop\FRSTLauncher.exe
2015-05-08 16:52 - 2015-05-08 16:52 - 02102272 _____ (Farbar) C:\Users\asus\Desktop\FRST64.exe
2015-05-08 16:15 - 2015-05-08 16:15 - 00030825 _____ () C:\Users\asus\Downloads\Prieskum absolventov MKD.csv
2015-05-08 15:04 - 2015-05-08 15:04 - 00002056 _____ () C:\Users\Public\Desktop\iMindMap 8.lnk
2015-05-08 15:04 - 2015-05-08 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMindMap 8
2015-05-08 15:04 - 2015-05-08 15:04 - 00000000 ____D () C:\Program Files (x86)\ThinkBuzan
2015-05-08 15:01 - 2015-05-08 15:02 - 160045632 _____ (ThinkBuzan) C:\Users\asus\Downloads\imindmap8_windows_8.0.6b (1).exe
2015-05-08 14:59 - 2015-05-08 15:04 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-05-08 14:15 - 2013-01-25 12:51 - 00023680 _____ (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2015-05-08 11:30 - 2015-05-08 11:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\asus\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-08 11:00 - 2015-05-08 11:00 - 00010406 _____ () C:\Users\asus\Desktop\zoek-results.txt
2015-05-08 10:58 - 2015-05-08 10:48 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-08 10:49 - 2014-11-23 14:30 - 00009284 _____ () C:\zoek-results2014-11-23-123022.log
2015-05-08 10:48 - 2015-05-08 14:12 - 00000000 ____D () C:\zoek_backup
2015-05-08 10:47 - 2015-05-08 10:47 - 01308672 _____ () C:\Users\asus\Desktop\zoek.exe
2015-05-08 10:46 - 2015-05-08 10:46 - 00001160 _____ () C:\Users\asus\Desktop\JRT.txt
2015-05-08 10:44 - 2015-05-08 10:44 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ASUS-PC-Windows-7-Home-Premium-(64-bit).dat
2015-05-08 10:44 - 2015-05-08 10:44 - 00000000 ____D () C:\RegBackup
2015-05-08 10:43 - 2015-05-08 10:43 - 00015616 _____ () C:\Users\asus\Desktop\AdwCleaner[S1].txt
2015-05-08 10:40 - 2015-05-08 10:40 - 02716843 _____ (Thisisu) C:\Users\asus\Desktop\JRT (1).exe
2015-05-08 10:36 - 2015-05-08 10:36 - 02204160 _____ () C:\Users\asus\Desktop\adwcleaner_4.203.exe
2015-05-08 10:11 - 2015-05-08 10:11 - 01222144 _____ () C:\Users\asus\Downloads\RSITx64 (2).exe
2015-05-08 00:32 - 2015-05-08 00:32 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-08 00:04 - 2015-05-08 00:04 - 00000000 __SHD () C:\Users\asus\AppData\Local\EmieUserList
2015-05-08 00:04 - 2015-05-08 00:04 - 00000000 __SHD () C:\Users\asus\AppData\Local\EmieSiteList
2015-05-08 00:04 - 2015-05-08 00:04 - 00000000 __SHD () C:\Users\asus\AppData\Local\EmieBrowserModeList
2015-05-08 00:02 - 2015-05-08 00:02 - 00003140 _____ () C:\Windows\System32\Tasks\{20599B64-6B36-442B-9F06-83FA27EE3663}
2015-05-07 23:59 - 2015-05-07 23:59 - 00000000 ____D () C:\Users\asus\AppData\Roaming\MiniGet
2015-05-07 23:54 - 2015-05-07 23:54 - 00000000 ____D () C:\Users\asus\AppData\Roaming\Opera Software
2015-05-07 23:54 - 2015-05-07 23:54 - 00000000 ____D () C:\Users\asus\AppData\Local\Opera Software
2015-05-07 23:53 - 2015-05-08 00:04 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-07 23:45 - 2015-05-07 23:45 - 160045632 _____ (ThinkBuzan) C:\Users\asus\Downloads\imindmap8_windows_8.0.6b.exe
2015-05-07 14:19 - 2015-05-07 14:19 - 01107019 _____ () C:\Users\asus\Downloads\michaela_jotovova.rar
2015-05-07 14:09 - 2015-05-07 14:09 - 00008245 _____ () C:\Users\asus\Downloads\kalendar.aktivit@mediamatika.sk.ical.zip
2015-05-04 16:50 - 2015-05-04 16:50 - 00210395 _____ () C:\Users\asus\Downloads\posudok.xlsx
2015-05-02 13:36 - 2015-05-02 13:36 - 00098483 _____ () C:\Users\asus\Downloads\events-manager.zip
2015-04-28 08:45 - 2015-04-28 08:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-19 15:30 - 2015-05-07 23:52 - 00000000 ____D () C:\Users\asus\.thinkbuzan
2015-04-19 15:18 - 2015-05-08 15:08 - 00000000 ____D () C:\ProgramData\ThinkBuzan
2015-04-19 15:18 - 2015-05-08 15:08 - 00000000 ____D () C:\ProgramData\JSoft
2015-04-19 15:16 - 2015-04-19 15:17 - 159466840 _____ (ThinkBuzan) C:\Users\asus\Downloads\imindmap8_windows_8.0.5.exe
2015-04-18 22:13 - 2015-04-18 23:40 - 00157491 _____ () C:\Users\asus\Downloads\Prieskum zameraný na prístup k informáciám študentov MKD (odpovede).xlsx
2015-04-18 15:15 - 2015-04-18 15:25 - 1807205388 _____ () C:\Users\asus\Downloads\posledná prednáška MKD 2015.rar
2015-04-16 13:53 - 2015-04-16 13:53 - 00023801 _____ () C:\Users\asus\Downloads\Orange_doklad_FC_20150410_CN0237125166_1301121027.zip
2015-04-15 20:57 - 2015-04-15 20:57 - 08461745 _____ () C:\Users\asus\Downloads\affilak.zip
2015-04-15 17:31 - 2015-04-15 17:31 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 08:03 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 08:03 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 08:03 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 08:03 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 08:03 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 08:03 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 08:03 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 08:03 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 08:03 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 08:03 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 08:03 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 08:03 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 08:03 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 08:03 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 08:03 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 08:02 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 08:02 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 08:02 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 08:02 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 08:02 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 08:02 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 08:02 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 08:02 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 08:02 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 08:02 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 08:02 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 08:02 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 08:02 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 08:02 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 08:02 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 08:02 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 08:02 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 08:02 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 08:02 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 08:02 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 08:02 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 08:02 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 08:02 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 08:02 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 08:02 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 08:02 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 08:02 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 08:02 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 08:02 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 08:02 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 08:02 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 08:02 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 08:02 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 08:02 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 08:02 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 08:02 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 08:02 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 08:02 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 08:02 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 08:02 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 08:02 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 08:02 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 08:02 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 08:02 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 08:02 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 08:02 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 08:02 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 08:02 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 08:02 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 08:02 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 08:02 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 08:02 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 08:02 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 08:02 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 08:02 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 08:02 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 08:02 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 08:02 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 08:02 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 08:02 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 08:02 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 08:02 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 08:02 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 08:02 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 08:02 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 08:02 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 08:02 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 08:02 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 08:02 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 08:02 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 08:02 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 08:02 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 08:02 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 08:02 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 08:02 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 08:02 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 08:02 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 08:02 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 08:02 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 08:02 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 08:02 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 08:02 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 08:02 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 08:02 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 08:02 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 08:02 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 08:02 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 08:02 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 08:02 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 08:02 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 08:02 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 08:02 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 08:02 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 08:02 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-12 20:51 - 2015-04-12 20:51 - 00460136 _____ () C:\Users\asus\Downloads\2917_internet_ppt.zip
2015-04-12 19:04 - 2015-04-12 19:04 - 05076992 _____ () C:\Users\asus\Downloads\DP-A.Kovalova.ppt
2015-04-12 18:23 - 2015-04-12 18:23 - 03114520 _____ (CrystalGraphics, Inc.) C:\Users\asus\Downloads\PowerPlugs_Template_Finder_for_PowerPoint_V4.04_64-bit.exe
2015-04-12 18:23 - 2015-04-12 18:23 - 00481648 _____ () C:\Users\asus\Downloads\Thinking00_sb_39_CrystalGraphics.com_PowerPoint_Templates_trial.exe
2015-04-12 18:20 - 2015-04-12 18:20 - 00451896 _____ () C:\Users\asus\Downloads\Information_co_46_CrystalGraphics.com_PowerPoint_Templates_trial.exe
2015-04-12 18:17 - 2015-04-12 18:17 - 00538160 _____ () C:\Users\asus\Downloads\Mobile_phone_co_44_CrystalGraphics.com_PowerPoint_Templates_trial.exe
2015-04-11 19:11 - 2015-04-11 19:11 - 00210851 _____ () C:\Users\asus\Downloads\Orange_doklad_FR_20150408_CN0237125166_14845121007.zip
2015-04-11 16:01 - 2015-04-11 16:01 - 00560044 _____ () C:\Users\asus\Downloads\Informačná ekológia akademického prostredia (1).pptx
2015-04-11 13:11 - 2015-04-11 13:11 - 05056000 _____ () C:\Users\asus\Downloads\business-ppt-template-025.ppt
2015-04-11 13:10 - 2015-04-11 13:10 - 00580608 _____ () C:\Users\asus\Downloads\it-ppt-template-003.ppt
2015-04-11 12:54 - 2015-04-11 12:54 - 02050359 _____ () C:\Users\asus\Downloads\0000000374-smiletemplates.com.zip
2015-04-11 12:54 - 2015-04-11 12:54 - 02050359 _____ () C:\Users\asus\Downloads\0000000374-smiletemplates.com (1).zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-08 16:37 - 2014-05-23 19:41 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-08 16:27 - 2014-11-20 21:18 - 00000000 ____D () C:\Program Files\trend micro
2015-05-08 16:16 - 2013-11-22 22:28 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-08 16:02 - 2013-11-22 22:23 - 01237046 _____ () C:\Windows\WindowsUpdate.log
2015-05-08 14:21 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-08 14:21 - 2009-07-14 06:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-08 14:19 - 2015-01-05 12:34 - 00588838 _____ () C:\Windows\system32\perfh01B.dat
2015-05-08 14:19 - 2015-01-05 12:34 - 00109376 _____ () C:\Windows\system32\perfc01B.dat
2015-05-08 14:19 - 2009-07-14 07:13 - 01382768 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-08 14:13 - 2014-12-25 12:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-08 14:13 - 2013-11-22 23:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-08 14:13 - 2013-11-22 22:29 - 00253396 _____ () C:\Windows\PFRO.log
2015-05-08 14:13 - 2013-11-22 22:28 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-08 14:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-08 14:13 - 2009-07-14 06:51 - 00079333 _____ () C:\Windows\setupact.log
2015-05-08 14:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-08 10:59 - 2014-11-23 14:17 - 00010406 _____ () C:\zoek-results.log
2015-05-08 10:56 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-08 10:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-05-08 10:42 - 2014-11-20 21:52 - 00000000 ____D () C:\AdwCleaner
2015-05-08 10:09 - 2014-09-11 19:02 - 00000000 ____D () C:\Users\asus\AppData\Local\Adobe
2015-05-08 10:09 - 2013-11-22 22:22 - 00001311 _____ () C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-08 00:46 - 2013-11-22 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-08 00:44 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-08 00:33 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2015-05-08 00:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-08 00:04 - 2014-10-10 12:39 - 00001029 _____ () C:\Users\asus\Desktop\Mafia II.lnk
2015-05-08 00:04 - 2013-11-24 19:25 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-01 12:14 - 2014-05-04 12:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-29 10:28 - 2009-07-14 07:08 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-25 15:23 - 2013-12-04 21:03 - 00000000 ____D () C:\Users\asus\AppData\Roaming\vlc
2015-04-25 15:22 - 2013-12-04 21:05 - 00000000 ____D () C:\Users\asus\AppData\Roaming\dvdcss
2015-04-20 23:25 - 2013-11-23 21:23 - 00000000 ____D () C:\Users\asus\Documents\Ada
2015-04-19 15:30 - 2013-11-22 22:22 - 00000000 ____D () C:\Users\asus
2015-04-15 20:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-15 17:31 - 2014-05-07 08:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-04-15 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-04-15 17:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 15:14 - 2013-11-22 22:35 - 01341058 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 15:12 - 2014-05-03 15:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 15:03 - 2014-05-03 15:04 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2014-01-07 00:58 - 2015-01-18 17:17 - 0000600 _____ () C:\Users\asus\AppData\Roaming\winscp.rnd
2014-05-03 12:50 - 2015-01-05 14:47 - 0016896 _____ () C:\Users\asus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-27 21:04 - 2015-01-27 21:04 - 0000032 RSHOT () C:\Users\asus\AppData\Local\t70rc.dat
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-04 13:28
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:195.21 GB) (Free:27.17 GB) NTFS
Drive d: () (Fixed) (Total:1667.7 GB) (Free:358.85 GB) NTFS
Available physical RAM: 3139.45 MB
Total physical RAM: 8130.77 MB
Percentage of memory in use: 61%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 4CCDF56B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1667.7 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\asus\Desktop" je 39 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.rar
- (8.64 KiB) Staženo 20 x
Přispějete na provoz fóra?