
Some vermin got past ESET Endpoint _ blue screen
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
Hello, I have a problem with some obviously clever beast that got past ESET unnoticed, and CloudFlare is blocking certain DNS servers for me.
Today at startup a blue screen even came up with an error message:
Podpis problému:
Název události problému: BlueScreen
Verze operačního systému: 6.1.7601.2.1.0.256.48
ID národního prostředí: 1029
Další informace o problému:
BCCode: 1000007e
BCP1: FFFFFFFFC0000005
BCP2: FFFFF88004EB1D59
BCP3: FFFFF880035AF0F8
BCP4: FFFFF880035AE950
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1
Soubory, které popisují problém:
C:\Windows\Minidump\060415-16411-01.dmp
C:\Users\---\AppData\Local\Temp\WER-19172-0.sysdata.xml
Přečtěte si prohlášení o zásadách ochrany osobních údajů online:
http://go.microsoft.com/fwlink/?linkid= ... cid=0x0405
Pokud není k dispozici Prohlášení o zásadách ochrany osobních údajů online, přečtěte si toto prohlášení offline:
C:\Windows\system32\cs-CZ\erofflps.txt
- Rudy
- Site Admin

- Posts: 119676
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Some vermin got past ESET Endpoint _ blue screen
Hello!
Pack this file: C:\Windows\Minidump\060415-16411-01.dmp into a RAR archive and attach it to your next post.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Some vermin got past ESET Endpoint _ blue screen
Here is the file
- Attachments
- 060415-16411-01.rar
- (31.1 KiB) Downloaded 32 times
Re: Some vermin got past ESET Endpoint _ blue screen
Hello,
I apologize to my colleague for jumping in. Just a quick question: is this a home PC or a company one?
Re: Some vermin got past ESET Endpoint _ blue screen
I have administrator rights, and I also do company work on it
Re: Some vermin got past ESET Endpoint _ blue screen
The Endpoint version is intended for corporate customers, and we are not going to do the work of company IT technicians here, so leave it to them.
Our forum is free of charge and only for home users, which is also stated quite clearly in the forum rules.
Re: Some vermin got past ESET Endpoint _ blue screen
That's great, the computer is mine, ESET is the company's - so company IT will send me packing
- Rudy
- Site Admin

Re: Some vermin got past ESET Endpoint _ blue screen
I would also like to ask for an RSIT log: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .
Re: Some vermin got past ESET Endpoint _ blue screen
Logfile of random's system information tool 1.10 (written by random/random)
Run by ALA at 2015-06-04 21:47:08
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 134 GB (59%) free of 229 GB
Total RAM: 16325 MB (83% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:47:14, on 4.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\ALA.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
--
End of file - 10473 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000448;0000000000000460; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 22026976
\??\C:\Windows\system32\conhost.exe "-529015520-7650534191883416972754431962-17415223101005836587-13028994161808450004
/QuitInfo:0000000000000734;0000000000000738; /AddRef;
/QuitInfo:0000000000000740;0000000000000764;
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
/loadhooks /Parent:0000000000000724
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
taskeng.exe {390DE111-4F7C-4DBB-85B3-7202D2BCE89C}
"C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe" -onlytray
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 87cd5e4e-422f-4dbc-8504-7b7929bc1f0b 1
\??\C:\Windows\system32\conhost.exe "327827287-2084217935-1181039683-1821303691-23747567712444287781353889950-734908937
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-21391457629886678068295375561207714997-8965374112046412556-1728071051440884935
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2e189d1c-910e-4e3a-902d-aa699f5e3f47 -SystemEventPortName:HostProcess-c03b9cef-4ae4-46b6-96d5-ff1ea78d349d -IoCancelEventPortName:HostProcess-6e066f9d-8d87-4d31-b827-2126f30377a0 -NonStateChangingEventPortName:HostProcess-811d2442-c21a-42d0-a5d3-e61832eebc83 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c72671e0-be52-4fe2-a0fe-0377d72d5665 -DeviceGroupId:
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\ESET\ESET Endpoint Security\egui.exe" /hide /waitservice
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 (Windows NT 6.1.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/2.0.0.74" --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-severity=disable --channel="4580.0.1637454808\459901017" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe" -s
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=gpu-process --channel="4580.1.1071021502\370853583" --no-sandbox --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-severity=disable --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x13c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.5306 --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-severity=disable /prefetch:822062411
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
notepad.exe "C:\Users\ALA\AppData\Local\Temp\log.txt"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\explorer.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\ALA\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\ALA\AppData\Roaming\Mozilla\Firefox\Profiles\d2nah9ie.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17 172704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17 172704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17 141984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17 141984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17 172704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17 141984]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-05-27 7611608]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-04-11 36352]
"egui"=C:\Program Files\ESET\ESET Endpoint Security\egui.exe [2014-09-24 4124360]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30 500936]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-28 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-05-28 1571696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [2015-03-17 867488]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
"ASUS AiChargerPlus Execute"=C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [2013-01-28 550272]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-04-20 2584240]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2015-03-17 1851040]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2015-06-04 21:47:08 ----D---- C:\rsit
2015-06-04 21:47:08 ----D---- C:\Program Files\trend micro
2015-06-04 21:40:51 ----A---- C:\ComboFix.txt
2015-06-04 21:39:10 ----SHD---- C:\$RECYCLE.BIN
2015-06-04 21:32:28 ----A---- C:\Windows\zip.exe
2015-06-04 21:32:28 ----A---- C:\Windows\SWSC.exe
2015-06-04 21:32:28 ----A---- C:\Windows\SWREG.exe
2015-06-04 21:32:28 ----A---- C:\Windows\sed.exe
2015-06-04 21:32:28 ----A---- C:\Windows\PEV.exe
2015-06-04 21:32:28 ----A---- C:\Windows\NIRCMD.exe
2015-06-04 21:32:28 ----A---- C:\Windows\MBR.exe
2015-06-04 21:32:28 ----A---- C:\Windows\grep.exe
2015-06-04 21:32:26 ----D---- C:\ComboFix
2015-06-04 21:32:25 ----AD---- C:\Qoobox
2015-06-04 21:32:20 ----D---- C:\Windows\erdnt
2015-06-04 21:08:52 ----A---- C:\Windows\ntbtlog.txt
2015-06-04 20:32:44 ----D---- C:\Users\ALA\AppData\Roaming\WinRAR
2015-06-04 20:32:17 ----D---- C:\Program Files\WinRAR
2015-06-03 09:37:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-06-02 19:37:03 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvdispco6435306.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-02 19:36:05 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-02 19:36:05 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-02 19:17:19 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-02 19:17:19 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-05-18 20:20:00 ----A---- C:\Windows\system32\nvoglv64.dll
2015-05-18 20:20:00 ----A---- C:\Windows\system32\nvhdap64.dll
2015-05-18 20:20:00 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-05-18 20:19:59 ----A---- C:\Windows\system32\nvdispgenco6435286.dll
2015-05-18 20:19:59 ----A---- C:\Windows\system32\nvdispco6435286.dll
2015-05-18 20:19:59 ----A---- C:\Windows\system32\nvcuda.dll
2015-05-13 09:59:28 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 09:59:28 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 09:33:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-05-13 09:33:26 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 09:33:26 ----A---- C:\Windows\system32\schannel.dll
2015-05-13 09:33:26 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-05-13 09:33:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 09:33:24 ----A---- C:\Windows\system32\iernonce.dll
2015-05-13 09:33:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-13 09:33:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-13 09:33:24 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\urlmon.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 09:33:23 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\iesetup.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-13 09:33:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-05-13 09:33:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-05-13 09:33:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-05-13 09:33:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\vbscript.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-13 09:33:22 ----A---- C:\Windows\system32\ieui.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\iertutil.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\ieframe.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\wininet.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\msrating.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\jscript9.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\jscript.dll
2015-05-13 09:33:20 ----A---- C:\Windows\system32\mshtml.dll
2015-05-13 09:32:29 ----A---- C:\Windows\system32\services.exe
2015-05-13 09:32:28 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-05-13 09:32:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-05-13 09:32:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-05-13 09:32:28 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\tdh.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-13 09:32:28 ----A---- C:\Windows\system32\ntdll.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\kernel32.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\advapi32.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\user.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\wow64win.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\wow64cpu.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\wow64.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\winsrv.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\wdigest.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\typeperf.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\sspicli.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\srcore.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\srclient.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\smss.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\sechost.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\secur32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\rstrui.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\relog.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\ntvdm64.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\msobjs.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\msaudite.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\lsass.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\logman.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\kerberos.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-13 09:32:27 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-13 09:32:27 ----A---- C:\Windows\system32\diskperf.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\credssp.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\conhost.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\auditpol.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\adtschema.dll
2015-05-13 09:32:23 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 09:32:23 ----A---- C:\Windows\system32\win32k.sys
2015-05-13 09:32:23 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 09:32:23 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 09:32:22 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 09:32:22 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 09:32:22 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 09:32:22 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 09:32:22 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 09:32:21 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 09:32:21 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 09:32:20 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-13 09:32:20 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 09:32:20 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 09:32:20 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 09:32:20 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 09:32:20 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 09:32:20 ----A---- C:\Windows\system32\aelupsvc.dll
======List of files/folders modified in the last 1 month======
2015-06-04 21:47:09 ----D---- C:\Windows\Temp
2015-06-04 21:47:08 ----RD---- C:\Program Files
2015-06-04 21:45:00 ----D---- C:\Windows\System32
2015-06-04 21:45:00 ----D---- C:\Windows\inf
2015-06-04 21:45:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-04 21:40:53 ----D---- C:\Windows\system32\drivers
2015-06-04 21:39:36 ----A---- C:\Windows\PE_Rom.dll
2015-06-04 21:39:11 ----D---- C:\Windows
2015-06-04 21:39:11 ----A---- C:\Windows\system.ini
2015-06-04 21:39:10 ----D---- C:\Windows\system32\drivers\etc
2015-06-04 21:39:05 ----D---- C:\ProgramData\NVIDIA
2015-06-04 21:38:12 ----D---- C:\Windows\system32\config
2015-06-04 21:36:36 ----D---- C:\Windows\SYSWOW64\drivers
2015-06-04 21:36:36 ----D---- C:\Windows\SysWOW64
2015-06-04 21:36:36 ----D---- C:\Windows\AppPatch
2015-06-04 21:36:36 ----D---- C:\Program Files (x86)\Common Files
2015-06-04 21:10:40 ----SD---- C:\Users\ALA\AppData\Roaming\Microsoft
2015-06-04 21:10:40 ----SD---- C:\ProgramData\Microsoft
2015-06-04 21:08:53 ----D---- C:\Windows\Minidump
2015-06-04 19:53:08 ----D---- C:\tmp
2015-06-04 19:38:41 ----D---- C:\Windows\winsxs
2015-06-04 11:59:02 ----D---- C:\ProgramData\boost_interprocess
2015-06-04 11:47:21 ----D---- C:\Users\ALA\AppData\Roaming\vlc
2015-06-03 23:30:35 ----RD---- C:\Program Files (x86)
2015-06-03 23:30:35 ----D---- C:\ProgramData
2015-06-03 20:08:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-02 19:37:22 ----D---- C:\Windows\system32\DriverStore
2015-06-02 19:37:19 ----D---- C:\Temp
2015-06-02 19:37:19 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-02 10:29:16 ----SHD---- C:\System Volume Information
2015-06-01 21:46:19 ----D---- C:\Program Files (x86)\Steam
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\OpenCL.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvspcap64.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvapi64.dll
2015-05-28 06:15:30 ----A---- C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvshext.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvmctray.dll
2015-05-28 06:15:28 ----A---- C:\Windows\system32\nvcpl.dll
2015-05-27 18:53:51 ----D---- C:\Windows\system32\catroot2
2015-05-26 17:58:53 ----D---- C:\Users\ALA\AppData\Roaming\AIMP3
2015-05-24 19:06:50 ----D---- C:\Windows\system32\NDF
2015-05-21 01:16:04 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-21 01:16:04 ----SD---- C:\Windows\system32\GWX
2015-05-18 20:20:32 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-15 16:45:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-13 13:10:55 ----D---- C:\Windows\rescache
2015-05-13 12:13:57 ----D---- C:\Windows\Microsoft.NET
2015-05-13 12:11:52 ----RSD---- C:\Windows\assembly
2015-05-13 10:20:20 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-13 10:20:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-05-13 10:20:20 ----D---- C:\Windows\system32\en-US
2015-05-13 10:20:20 ----D---- C:\Windows\system32\cs-CZ
2015-05-13 10:20:20 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-13 10:20:20 ----D---- C:\Program Files\Windows Journal
2015-05-13 10:20:20 ----D---- C:\Program Files\Internet Explorer
2015-05-13 10:20:20 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 10:20:19 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-13 10:01:22 ----D---- C:\Windows\system32\MRT
2015-05-13 10:00:08 ----A---- C:\Windows\system32\MRT.exe
2015-05-13 10:00:03 ----SHD---- C:\Windows\Installer
2015-05-13 08:52:35 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 asstor64;asstor64; C:\Windows\system32\DRIVERS\asstor64.sys [2014-03-14 84816]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-09-10 59064]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-04-11 645480]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-04-11 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2014-01-28 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2014-02-24 14464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-08-19 219696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-08-19 155896]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-08-19 40512]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-08-19 198096]
R3 AiChargerPlus;AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [2013-01-28 14848]
R3 ASMTFilter;ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [2013-01-28 21400]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2014-01-09 138456]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2014-01-09 423128]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-11-07 9082576]
R3 BcmVWL;Broadcom Virtual Wireless; C:\Windows\system32\DRIVERS\bcmvwl64.sys [2014-11-07 22736]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2014-03-14 487704]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-10-07 14136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-27 3976792]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-05-13 195912]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2014-10-07 100664]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2014-10-07 15160]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2014-04-29 24824]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-10-01 172760]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-03 598808]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-01 184144]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-03-07 81088]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-01-28 936728]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [2014-04-25 954648]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-04-24 1360016]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [2014-05-10 389944]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2013-10-01 1008344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [2014-09-24 1029704]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-28 1152656]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2014-03-11 260360]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-28 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-28 23006864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-15 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [2014-09-24 41672]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [2014-09-24 190152]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-03 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-05-15 837824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Run by ALA at 2015-06-04 21:47:08
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 134 GB (59%) free of 229 GB
Total RAM: 16325 MB (83% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:47:14, on 4.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\ALA.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - Global Startup: Bluetooth.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
O23 - Service: ESET SHA Service (ESHASRV) - ESET - C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
--
End of file - 10473 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\Tablet\Wacom\WTabletServicePro.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
/QuitInfo:0000000000000448;0000000000000460; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 22026976
\??\C:\Windows\system32\conhost.exe "-529015520-7650534191883416972754431962-17415223101005836587-13028994161808450004
/QuitInfo:0000000000000734;0000000000000738; /AddRef;
/QuitInfo:0000000000000740;0000000000000764;
C:\Windows\System32\spoolsv.exe
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
/loadhooks /Parent:0000000000000724
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
taskeng.exe {390DE111-4F7C-4DBB-85B3-7202D2BCE89C}
"C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe" -onlytray
C:\Windows\SysWOW64\ASGT.exe
"C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 87cd5e4e-422f-4dbc-8504-7b7929bc1f0b 1
\??\C:\Windows\system32\conhost.exe "327827287-2084217935-1181039683-1821303691-23747567712444287781353889950-734908937
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-21391457629886678068295375561207714997-8965374112046412556-1728071051440884935
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2e189d1c-910e-4e3a-902d-aa699f5e3f47 -SystemEventPortName:HostProcess-c03b9cef-4ae4-46b6-96d5-ff1ea78d349d -IoCancelEventPortName:HostProcess-6e066f9d-8d87-4d31-b827-2126f30377a0 -NonStateChangingEventPortName:HostProcess-811d2442-c21a-42d0-a5d3-e61832eebc83 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:c72671e0-be52-4fe2-a0fe-0377d72d5665 -DeviceGroupId:
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\ESET\ESET Endpoint Security\egui.exe" /hide /waitservice
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe" "-launchedbyvulcan"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe" --onOSstartup=true --showwindow=false --waitForRegistration=true
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 (Windows NT 6.1.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/537.36 CreativeCloud/2.0.0.74" --lang=en-US --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-severity=disable --channel="4580.0.1637454808\459901017" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe"
"C:\Program Files\Tablet\Wacom\WacomHost.exe" "C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe" au
"C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\SysWOW64\RunDll32.exe" "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe" -s
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe" --type=gpu-process --channel="4580.1.1071021502\370853583" --no-sandbox --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-severity=disable --supports-dual-gpus=false --gpu-vendor-id=0x10de --gpu-device-id=0x13c0 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.5306 --lang=en-US --locales-dir-path="C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\locales" --log-severity=disable /prefetch:822062411
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
notepad.exe "C:\Users\ALA\AppData\Local\Temp\log.txt"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\explorer.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\ALA\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\ALA\AppData\Roaming\Mozilla\Firefox\Profiles\d2nah9ie.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.188 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.7]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\wacom.com/WacomTabletPlugin]
"Description"=
"Path"=C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17 172704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17 172704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17 141984]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17 141984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17 172704]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17 141984]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-05-27 7611608]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-04-11 36352]
"egui"=C:\Program Files\ESET\ESET Endpoint Security\egui.exe [2014-09-24 4124360]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30 500936]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-28 2754704]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-05-28 1571696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [2015-03-17 867488]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
"ASUS AiChargerPlus Execute"=C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [2013-01-28 550272]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-04-20 2584240]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2015-03-17 1851040]
""= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2015-06-04 21:47:08 ----D---- C:\rsit
2015-06-04 21:47:08 ----D---- C:\Program Files\trend micro
2015-06-04 21:40:51 ----A---- C:\ComboFix.txt
2015-06-04 21:39:10 ----SHD---- C:\$RECYCLE.BIN
2015-06-04 21:32:28 ----A---- C:\Windows\zip.exe
2015-06-04 21:32:28 ----A---- C:\Windows\SWSC.exe
2015-06-04 21:32:28 ----A---- C:\Windows\SWREG.exe
2015-06-04 21:32:28 ----A---- C:\Windows\sed.exe
2015-06-04 21:32:28 ----A---- C:\Windows\PEV.exe
2015-06-04 21:32:28 ----A---- C:\Windows\NIRCMD.exe
2015-06-04 21:32:28 ----A---- C:\Windows\MBR.exe
2015-06-04 21:32:28 ----A---- C:\Windows\grep.exe
2015-06-04 21:32:26 ----D---- C:\ComboFix
2015-06-04 21:32:25 ----AD---- C:\Qoobox
2015-06-04 21:32:20 ----D---- C:\Windows\erdnt
2015-06-04 21:08:52 ----A---- C:\Windows\ntbtlog.txt
2015-06-04 20:32:44 ----D---- C:\Users\ALA\AppData\Roaming\WinRAR
2015-06-04 20:32:17 ----D---- C:\Program Files\WinRAR
2015-06-03 09:37:35 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-06-02 19:37:03 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-02 19:36:06 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvdispco6435306.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-02 19:36:06 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-02 19:36:05 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-02 19:36:05 ----A---- C:\Windows\system32\nvcompiler.dll
2015-06-02 19:17:19 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-06-02 19:17:19 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-05-18 20:20:00 ----A---- C:\Windows\system32\nvoglv64.dll
2015-05-18 20:20:00 ----A---- C:\Windows\system32\nvhdap64.dll
2015-05-18 20:20:00 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-05-18 20:19:59 ----A---- C:\Windows\system32\nvdispgenco6435286.dll
2015-05-18 20:19:59 ----A---- C:\Windows\system32\nvdispco6435286.dll
2015-05-18 20:19:59 ----A---- C:\Windows\system32\nvcuda.dll
2015-05-13 09:59:28 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 09:59:28 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 09:33:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-05-13 09:33:26 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-05-13 09:33:26 ----A---- C:\Windows\system32\schannel.dll
2015-05-13 09:33:26 ----A---- C:\Windows\system32\certcli.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-05-13 09:33:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-05-13 09:33:24 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 09:33:24 ----A---- C:\Windows\system32\iernonce.dll
2015-05-13 09:33:24 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-13 09:33:24 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-13 09:33:24 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-05-13 09:33:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\urlmon.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 09:33:23 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\iesetup.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-13 09:33:23 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-13 09:33:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-05-13 09:33:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-05-13 09:33:22 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-05-13 09:33:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\vbscript.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-13 09:33:22 ----A---- C:\Windows\system32\ieui.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\iertutil.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\ieframe.dll
2015-05-13 09:33:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\wininet.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\msrating.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\jscript9.dll
2015-05-13 09:33:21 ----A---- C:\Windows\system32\jscript.dll
2015-05-13 09:33:20 ----A---- C:\Windows\system32\mshtml.dll
2015-05-13 09:32:29 ----A---- C:\Windows\system32\services.exe
2015-05-13 09:32:28 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-05-13 09:32:28 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-05-13 09:32:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-05-13 09:32:28 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\tdh.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-13 09:32:28 ----A---- C:\Windows\system32\ntdll.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\kernel32.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-13 09:32:28 ----A---- C:\Windows\system32\advapi32.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 09:32:27 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\user.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\wow64win.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\wow64cpu.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\wow64.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\winsrv.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\wdigest.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\typeperf.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\sspicli.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\srcore.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\srclient.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\smss.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\sechost.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\secur32.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\rstrui.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\relog.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\ntvdm64.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\msobjs.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\msaudite.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\lsass.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\logman.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\kerberos.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-13 09:32:27 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-13 09:32:27 ----A---- C:\Windows\system32\diskperf.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\credssp.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\conhost.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\auditpol.exe
2015-05-13 09:32:27 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-13 09:32:27 ----A---- C:\Windows\system32\adtschema.dll
2015-05-13 09:32:23 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-05-13 09:32:23 ----A---- C:\Windows\system32\win32k.sys
2015-05-13 09:32:23 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 09:32:23 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 09:32:22 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-05-13 09:32:22 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-05-13 09:32:22 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-13 09:32:22 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-13 09:32:22 ----A---- C:\Windows\system32\InkEd.dll
2015-05-13 09:32:21 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-05-13 09:32:21 ----A---- C:\Windows\system32\poqexec.exe
2015-05-13 09:32:20 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-05-13 09:32:20 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-05-13 09:32:20 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-05-13 09:32:20 ----A---- C:\Windows\system32\shimeng.dll
2015-05-13 09:32:20 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-13 09:32:20 ----A---- C:\Windows\system32\apphelp.dll
2015-05-13 09:32:20 ----A---- C:\Windows\system32\aelupsvc.dll
======List of files/folders modified in the last 1 month======
2015-06-04 21:47:09 ----D---- C:\Windows\Temp
2015-06-04 21:47:08 ----RD---- C:\Program Files
2015-06-04 21:45:00 ----D---- C:\Windows\System32
2015-06-04 21:45:00 ----D---- C:\Windows\inf
2015-06-04 21:45:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-04 21:40:53 ----D---- C:\Windows\system32\drivers
2015-06-04 21:39:36 ----A---- C:\Windows\PE_Rom.dll
2015-06-04 21:39:11 ----D---- C:\Windows
2015-06-04 21:39:11 ----A---- C:\Windows\system.ini
2015-06-04 21:39:10 ----D---- C:\Windows\system32\drivers\etc
2015-06-04 21:39:05 ----D---- C:\ProgramData\NVIDIA
2015-06-04 21:38:12 ----D---- C:\Windows\system32\config
2015-06-04 21:36:36 ----D---- C:\Windows\SYSWOW64\drivers
2015-06-04 21:36:36 ----D---- C:\Windows\SysWOW64
2015-06-04 21:36:36 ----D---- C:\Windows\AppPatch
2015-06-04 21:36:36 ----D---- C:\Program Files (x86)\Common Files
2015-06-04 21:10:40 ----SD---- C:\Users\ALA\AppData\Roaming\Microsoft
2015-06-04 21:10:40 ----SD---- C:\ProgramData\Microsoft
2015-06-04 21:08:53 ----D---- C:\Windows\Minidump
2015-06-04 19:53:08 ----D---- C:\tmp
2015-06-04 19:38:41 ----D---- C:\Windows\winsxs
2015-06-04 11:59:02 ----D---- C:\ProgramData\boost_interprocess
2015-06-04 11:47:21 ----D---- C:\Users\ALA\AppData\Roaming\vlc
2015-06-03 23:30:35 ----RD---- C:\Program Files (x86)
2015-06-03 23:30:35 ----D---- C:\ProgramData
2015-06-03 20:08:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-02 19:37:22 ----D---- C:\Windows\system32\DriverStore
2015-06-02 19:37:19 ----D---- C:\Temp
2015-06-02 19:37:19 ----D---- C:\ProgramData\NVIDIA Corporation
2015-06-02 10:29:16 ----SHD---- C:\System Volume Information
2015-06-01 21:46:19 ----D---- C:\Program Files (x86)\Steam
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2015-05-28 09:04:11 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\OpenCL.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvspcap64.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-05-28 09:04:11 ----A---- C:\Windows\system32\nvapi64.dll
2015-05-28 06:15:30 ----A---- C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvshext.dll
2015-05-28 06:15:29 ----A---- C:\Windows\system32\nvmctray.dll
2015-05-28 06:15:28 ----A---- C:\Windows\system32\nvcpl.dll
2015-05-27 18:53:51 ----D---- C:\Windows\system32\catroot2
2015-05-26 17:58:53 ----D---- C:\Users\ALA\AppData\Roaming\AIMP3
2015-05-24 19:06:50 ----D---- C:\Windows\system32\NDF
2015-05-21 01:16:04 ----SD---- C:\Windows\SYSWOW64\GWX
2015-05-21 01:16:04 ----SD---- C:\Windows\system32\GWX
2015-05-18 20:20:32 ----D---- C:\Program Files\NVIDIA Corporation
2015-05-15 16:45:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-05-13 13:10:55 ----D---- C:\Windows\rescache
2015-05-13 12:13:57 ----D---- C:\Windows\Microsoft.NET
2015-05-13 12:11:52 ----RSD---- C:\Windows\assembly
2015-05-13 10:20:20 ----D---- C:\Windows\SYSWOW64\en-US
2015-05-13 10:20:20 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-05-13 10:20:20 ----D---- C:\Windows\system32\en-US
2015-05-13 10:20:20 ----D---- C:\Windows\system32\cs-CZ
2015-05-13 10:20:20 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-13 10:20:20 ----D---- C:\Program Files\Windows Journal
2015-05-13 10:20:20 ----D---- C:\Program Files\Internet Explorer
2015-05-13 10:20:20 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 10:20:19 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-13 10:01:22 ----D---- C:\Windows\system32\MRT
2015-05-13 10:00:08 ----A---- C:\Windows\system32\MRT.exe
2015-05-13 10:00:03 ----SHD---- C:\Windows\Installer
2015-05-13 08:52:35 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 asstor64;asstor64; C:\Windows\system32\DRIVERS\asstor64.sys [2014-03-14 84816]
R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2014-09-10 59064]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2014-04-11 645480]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2014-04-11 28008]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2014-01-28 15232]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2014-02-24 14464]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-08-19 219696]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-08-19 155896]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2014-08-19 40512]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2014-08-19 198096]
R3 AiChargerPlus;AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [2013-01-28 14848]
R3 ASMTFilter;ASMTFilter; C:\Windows\SysWow64\drivers\asmtufdriver.sys [2013-01-28 21400]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2014-01-09 138456]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2014-01-09 423128]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-11-07 9082576]
R3 BcmVWL;Broadcom Virtual Wireless; C:\Windows\system32\DRIVERS\bcmvwl64.sys [2014-11-07 22736]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2014-03-14 487704]
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys [2014-10-07 14136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-27 3976792]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-02-21 791024]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-09-30 129312]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-05-13 195912]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-04-03 38032]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys [2014-10-07 100664]
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys [2014-10-07 15160]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [2014-04-29 24824]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2013-10-01 172760]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\Windows\system32\drivers\btwampfl.sys [2012-12-03 598808]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2012-05-01 184144]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2012-03-06 210984]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 39976]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2012-03-06 21544]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-03-07 81088]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-01-28 936728]
R2 ASGT;ASGT; C:\Windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [2014-04-25 954648]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-04-24 1360016]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.07\AsusFanControlService.exe [2014-05-10 389944]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2013-10-01 1008344]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [2014-09-24 1029704]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-28 1152656]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2014-03-11 260360]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-03-20 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-03-20 398296]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-28 1893008]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-28 23006864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-05-28 937288]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-01-02 171632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-15 268464]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [2014-09-24 41672]
S3 ESHASRV;ESET SHA Service; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [2014-09-24 190152]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-03 148080]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-05-15 837824]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-07 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119676
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Some vermin got past ESET endpoint _ blue screen
The log looks clean. The problem is with the driver ASUSFILTER.sys, which is a driver from Asus. Try reinstalling the Asus drivers. Then, to be safe, also run a complete MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Some vermin got past ESET endpoint _ blue screen
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 4.6.2015
Čas skenování: 23:57:50
Protokol:
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.06.04.05
Databáze rootkitů: v2015.06.02.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: ALA
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 368372
Uplynulý čas: 3 min, 48 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Varovat
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: Some vermin got past ESET endpoint _ blue screen
Thanks a lot, I found this problem (thanks to you, otherwise it would never have occurred to me in my life - the problem is a USB 3 hub) on another website as soon as I typed in the driver name...
In case someone (like me) doesn't know what's going on
http://www.solvusoft.com/en/files/bsod- ... ilter-sys/
(nevertheless, I still can't get my head around the Cloudflare captcha and the IP address blocking, if it wasn't malware)
Thanks once again, I'm working on a film (as a freelancer) and I was already turning blue with fear that it would .... on me at the best possible moment!
- Rudy
- Site Admin

- Posts: 119676
- Joined: 30 Oct 2003 13:42
- Location: Plzeň
Re: Some vermin got past ESET endpoint _ blue screen
The MBAM log is OK. You're welcome, glad I could help.