
The computer types by itself
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
Hello. Could I ask for a check of the log from my 14-year-old nephew's computer? He is, of course, a gamer. For the last few days the computer has been typing the sentence "Dneska nic moc" ("Not much today") by itself, and then it also presses Enter a few times, without anyone touching anything.
If I had not seen it with my own eyes, I would not have believed it. I scanned it with Malwarebytes and it found nothing.
The computer otherwise runs quickly and without problems.
Thank you very much in advance.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukas at 2015-11-09 15:45:04
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 61 GB (53%) free of 114 GB
Total RAM: 4078 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:45:10, on 9.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\trend micro\Lukas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Steam] "D:\STAZENE_SOUBORY\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Curse.lnk = C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9410 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
atieclxx
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Windows\system32\Dwm.exe"
taskeng.exe {7B806F74-83D1-49C4-9C68-F70B93C5E5BC}
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"D:\STAZENE_SOUBORY\iTunesHelper.exe"
"C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe" /startup
"C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {BDBBB11F-1C56-46B7-9CAC-AB3DCAB582FF}
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
C:\Windows\servicing\TrustedInstaller.exe
"c:\program files (x86)\teamviewer\TeamViewer_Desktop.exe" --IPCport 5939
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
wmiadap.exe /F /T /R
C:\Windows\system32\wbem\wmiprvse.exe
"D:\STAZENE_SOUBORY\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3366924045-2678515270-3320482772-1000Core.job - C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3366924045-2678515270-3320482772-1000UA.job - C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"iTunesHelper"=D:\STAZENE_SOUBORY\iTunesHelper.exe [2015-08-13 170256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\STAZENE_SOUBORY\Steam\steam.exe [2015-11-05 3011152]
"DAEMON Tools Ultra Agent"=D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe -autorun []
"DAEMON Tools Pro Agent"=D:\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-09-24 1095704]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
"Facebook Update"=C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-10-16 138096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-10-01 56080]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Curse.lnk - C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
Facebook Messenger.lnk - C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-09 15:45:05 ----D---- C:\Program Files\trend micro
2015-11-09 15:45:04 ----D---- C:\rsit
2015-11-09 15:42:19 ----A---- C:\Windows\system32\drivers\TVMonitor.sys
2015-11-08 17:24:48 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-11-08 17:23:39 ----D---- C:\ProgramData\Malwarebytes
2015-10-16 18:04:57 ----A---- C:\Windows\SYSWOW64\drivers\SECDRV.SYS
2015-10-16 18:01:06 ----D---- C:\Program Files (x86)\Sega
2015-10-15 12:57:51 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 12:57:51 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 13:05:14 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 13:05:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-14 13:05:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 13:05:11 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-14 13:04:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-14 13:04:40 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-14 13:04:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 13:04:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\iernonce.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 13:04:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 13:04:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 13:04:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\occache.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-14 13:04:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 13:04:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 13:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 13:04:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 13:04:29 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 13:04:28 ----A---- C:\Windows\system32\iesetup.dll
2015-10-14 13:04:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 13:04:24 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 13:04:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-14 13:04:22 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 13:04:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 13:04:21 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 13:04:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 13:04:18 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\msrating.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:04:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups2.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-14 13:01:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-14 13:01:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-14 13:01:28 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 13:01:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\wow64.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\srcore.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\conhost.exe
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\winsrv.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\rstrui.exe
2015-10-14 13:01:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\kerberos.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\sspicli.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\smss.exe
2015-10-14 13:01:25 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\lsass.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\auditpol.exe
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64win.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\credssp.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-14 13:01:20 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\adtschema.dll
2015-10-14 13:01:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-14 13:01:17 ----A---- C:\Windows\system32\msobjs.dll
2015-10-14 12:59:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidapi.dll
2015-10-14 12:59:04 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-14 12:59:04 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 21:21:34 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-10-13 21:18:21 ----D---- C:\Users\Lukas\AppData\Roaming\Awesomium
======List of files/folders modified in the last 1 month======
2015-11-09 15:45:06 ----D---- C:\Windows\Temp
2015-11-09 15:45:05 ----RD---- C:\Program Files
2015-11-09 15:42:39 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-09 15:42:31 ----D---- C:\Windows\system32\drivers
2015-11-09 15:42:30 ----D---- C:\Windows\system32\DriverStore
2015-11-09 15:42:30 ----D---- C:\Windows\inf
2015-11-09 15:42:29 ----SHD---- C:\System Volume Information
2015-11-09 15:41:16 ----D---- C:\Windows\system32\config
2015-11-09 15:40:55 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2015-11-09 15:40:40 ----D---- C:\Users\Lukas\AppData\Roaming\Curse Client
2015-11-08 17:23:39 ----HD---- C:\ProgramData
2015-11-08 15:54:10 ----D---- C:\Windows\System32
2015-11-08 15:54:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-31 10:13:05 ----D---- C:\Users\Lukas\AppData\Roaming\Raptr
2015-10-31 10:12:45 ----D---- C:\Program Files (x86)\Raptr
2015-10-24 20:59:03 ----D---- C:\Windows\system32\NDF
2015-10-23 12:48:06 ----SHD---- C:\Windows\Installer
2015-10-23 12:48:06 ----D---- C:\ProgramData\Skype
2015-10-16 22:15:22 ----D---- C:\Windows\Tasks
2015-10-16 22:15:22 ----D---- C:\Windows\system32\Tasks
2015-10-16 18:04:57 ----D---- C:\Windows\SYSWOW64\drivers
2015-10-16 18:03:31 ----RSD---- C:\Windows\assembly
2015-10-16 18:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-16 18:01:06 ----RD---- C:\Program Files (x86)
2015-10-16 07:22:38 ----D---- C:\Windows\rescache
2015-10-15 20:54:05 ----D---- C:\Windows\winsxs
2015-10-15 20:54:04 ----SD---- C:\Windows\system32\CompatTel
2015-10-15 20:54:04 ----D---- C:\Windows\system32\appraiser
2015-10-15 20:54:04 ----D---- C:\Windows\AppPatch
2015-10-15 17:41:48 ----RD---- C:\Program Files (x86)\Skype
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Windows\SysWOW64
2015-10-15 02:23:07 ----D---- C:\Windows\system32\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Program Files\Internet Explorer
2015-10-15 02:23:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 02:23:06 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 02:23:06 ----D---- C:\Windows\system32\Boot
2015-10-15 02:07:58 ----D---- C:\Windows\system32\MRT
2015-10-15 02:03:47 ----A---- C:\Windows\system32\MRT.exe
2015-10-14 12:57:12 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-07-14 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-05-17 4644184]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2015-05-17 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-23 56600]
R3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [2015-06-18 16376]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-09-02 8704]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-01-20 325912]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-06-18 5495056]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 2594584]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S2 MBAMService;MBAMService; D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-07-06 238376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-05 836176]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-09 15:45:05 ----D---- C:\Program Files\trend micro
2015-11-09 15:45:04 ----D---- C:\rsit
2015-11-09 15:42:19 ----A---- C:\Windows\system32\drivers\TVMonitor.sys
2015-11-08 17:24:48 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-11-08 17:23:39 ----D---- C:\ProgramData\Malwarebytes
2015-10-16 18:04:57 ----A---- C:\Windows\SYSWOW64\drivers\SECDRV.SYS
2015-10-16 18:01:06 ----D---- C:\Program Files (x86)\Sega
2015-10-15 12:57:51 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 12:57:51 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 13:05:14 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 13:05:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-14 13:05:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 13:05:11 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-14 13:04:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-14 13:04:40 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-14 13:04:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 13:04:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\iernonce.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 13:04:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 13:04:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 13:04:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\occache.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-14 13:04:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 13:04:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 13:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 13:04:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 13:04:29 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 13:04:28 ----A---- C:\Windows\system32\iesetup.dll
2015-10-14 13:04:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 13:04:24 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 13:04:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-14 13:04:22 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 13:04:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 13:04:21 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 13:04:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 13:04:18 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\msrating.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:04:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups2.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-14 13:01:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-14 13:01:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-14 13:01:28 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 13:01:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\wow64.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\srcore.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\conhost.exe
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\winsrv.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\rstrui.exe
2015-10-14 13:01:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\kerberos.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\sspicli.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\smss.exe
2015-10-14 13:01:25 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\lsass.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\auditpol.exe
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64win.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\credssp.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-14 13:01:20 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\adtschema.dll
2015-10-14 13:01:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-14 13:01:17 ----A---- C:\Windows\system32\msobjs.dll
2015-10-14 12:59:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidapi.dll
2015-10-14 12:59:04 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-14 12:59:04 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 21:21:34 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-10-13 21:18:21 ----D---- C:\Users\Lukas\AppData\Roaming\Awesomium
======List of files/folders modified in the last 1 month======
2015-11-09 15:45:06 ----D---- C:\Windows\Temp
2015-11-09 15:45:05 ----RD---- C:\Program Files
2015-11-09 15:42:39 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-09 15:42:31 ----D---- C:\Windows\system32\drivers
2015-11-09 15:42:30 ----D---- C:\Windows\system32\DriverStore
2015-11-09 15:42:30 ----D---- C:\Windows\inf
2015-11-09 15:42:29 ----SHD---- C:\System Volume Information
2015-11-09 15:41:16 ----D---- C:\Windows\system32\config
2015-11-09 15:40:55 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2015-11-09 15:40:40 ----D---- C:\Users\Lukas\AppData\Roaming\Curse Client
2015-11-08 17:23:39 ----HD---- C:\ProgramData
2015-11-08 15:54:10 ----D---- C:\Windows\System32
2015-11-08 15:54:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-10-31 10:13:05 ----D---- C:\Users\Lukas\AppData\Roaming\Raptr
2015-10-31 10:12:45 ----D---- C:\Program Files (x86)\Raptr
2015-10-24 20:59:03 ----D---- C:\Windows\system32\NDF
2015-10-23 12:48:06 ----SHD---- C:\Windows\Installer
2015-10-23 12:48:06 ----D---- C:\ProgramData\Skype
2015-10-16 22:15:22 ----D---- C:\Windows\Tasks
2015-10-16 22:15:22 ----D---- C:\Windows\system32\Tasks
2015-10-16 18:04:57 ----D---- C:\Windows\SYSWOW64\drivers
2015-10-16 18:03:31 ----RSD---- C:\Windows\assembly
2015-10-16 18:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-16 18:01:06 ----RD---- C:\Program Files (x86)
2015-10-16 07:22:38 ----D---- C:\Windows\rescache
2015-10-15 20:54:05 ----D---- C:\Windows\winsxs
2015-10-15 20:54:04 ----SD---- C:\Windows\system32\CompatTel
2015-10-15 20:54:04 ----D---- C:\Windows\system32\appraiser
2015-10-15 20:54:04 ----D---- C:\Windows\AppPatch
2015-10-15 17:41:48 ----RD---- C:\Program Files (x86)\Skype
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Windows\SysWOW64
2015-10-15 02:23:07 ----D---- C:\Windows\system32\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Program Files\Internet Explorer
2015-10-15 02:23:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 02:23:06 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 02:23:06 ----D---- C:\Windows\system32\Boot
2015-10-15 02:07:58 ----D---- C:\Windows\system32\MRT
2015-10-15 02:03:47 ----A---- C:\Windows\system32\MRT.exe
2015-10-14 12:57:12 ----D---- C:\Windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-07-14 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-05-17 4644184]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2015-05-17 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-23 56600]
R3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [2015-06-18 16376]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-09-02 8704]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-01-20 325912]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-06-18 5495056]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 2594584]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S2 MBAMService;MBAMService; D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-07-06 238376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-05 836176]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: The computer types by itself
Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: The computer types by itself
My nephew went ahead and ran the clean as well. Here is the log after the clean:
# AdwCleaner v5.019 - Logfile created 09/11/2015 at 19:26:43
# Updated 08/11/2015 by Xplode
# Database : 2015-11-09.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Lukas - LUKAS-PC
# Running from : D:\STAZENE_SOUBORY\adwcleaner_5.019.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\Lukas\AppData\Local\21908
***** [ Files ] *****
[-] File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage
[-] File Deleted : C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.yourtango.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\dream.capture.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\dream.capture
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{117270FA-48AC-45BB-9171-B63D1B42A910}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
***** [ Web browsers ] *****
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1658 bytes] ##########
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: The computer types by itself
Post a new RSIT log.
Re: The computer types by itself
Here is the log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukas at 2015-11-09 20:30:46
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 60 GB (53%) free of 114 GB
Total RAM: 4078 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:48, on 9.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
D:\STAZENE_SOUBORY\Steam\steam.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
D:\STAZENE_SOUBORY\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
D:\STAZENE_SOUBORY\Steam\GameOverlayUI.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Lukas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Steam] "D:\STAZENE_SOUBORY\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Curse.lnk = C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9708 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
atieclxx
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"D:\STAZENE_SOUBORY\iTunesHelper.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"taskhost.exe"
"D:\STAZENE_SOUBORY\Steam\steam.exe" "steam://rungameid/730"
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Lukas\AppData\Local\Steam\htmlcache" -steampid=3768 -buildid=1446742416 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\STAZENE_SOUBORY\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe" -steam
D:\STAZENE_SOUBORY\Steam\GameOverlayUI.exe -pid 5620 -manuallyclearframes 0
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="3124.2.1084159092\392570222" --font-cache-shared-handle=2196 /prefetch:673131151
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="3124.3.454416311\1618793690" --font-cache-shared-handle=1000 /prefetch:673131151
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="3124.4.9017666\2059600095" --font-cache-shared-handle=2960 /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\STAZENE_SOUBORY\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3366924045-2678515270-3320482772-1000Core.job - C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3366924045-2678515270-3320482772-1000UA.job - C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"iTunesHelper"=D:\STAZENE_SOUBORY\iTunesHelper.exe [2015-08-13 170256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\STAZENE_SOUBORY\Steam\steam.exe [2015-11-05 3011152]
"DAEMON Tools Ultra Agent"=D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe -autorun []
"DAEMON Tools Pro Agent"=D:\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-09-24 1095704]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
"Facebook Update"=C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-10-16 138096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-10-01 56080]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Curse.lnk - C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
Facebook Messenger.lnk - C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-09 15:49:30 ----D---- C:\AdwCleaner
2015-11-09 15:45:05 ----D---- C:\Program Files\trend micro
2015-11-09 15:45:04 ----D---- C:\rsit
2015-11-09 15:42:19 ----A---- C:\Windows\system32\drivers\TVMonitor.sys
2015-11-08 17:24:48 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-11-08 17:23:39 ----D---- C:\ProgramData\Malwarebytes
2015-10-16 18:04:57 ----A---- C:\Windows\SYSWOW64\drivers\SECDRV.SYS
2015-10-16 18:01:06 ----D---- C:\Program Files (x86)\Sega
2015-10-15 12:57:51 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 12:57:51 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 13:05:14 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 13:05:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-14 13:05:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 13:05:11 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-14 13:04:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-14 13:04:40 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-14 13:04:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 13:04:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\iernonce.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 13:04:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 13:04:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 13:04:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\occache.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-14 13:04:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 13:04:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 13:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 13:04:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 13:04:29 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 13:04:28 ----A---- C:\Windows\system32\iesetup.dll
2015-10-14 13:04:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 13:04:24 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 13:04:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-14 13:04:22 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 13:04:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 13:04:21 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 13:04:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 13:04:18 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\msrating.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:04:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups2.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-14 13:01:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-14 13:01:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-14 13:01:28 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 13:01:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\wow64.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\srcore.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\conhost.exe
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\winsrv.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\rstrui.exe
2015-10-14 13:01:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\kerberos.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\sspicli.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\smss.exe
2015-10-14 13:01:25 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\lsass.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\auditpol.exe
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64win.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\credssp.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-14 13:01:20 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\adtschema.dll
2015-10-14 13:01:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-14 13:01:17 ----A---- C:\Windows\system32\msobjs.dll
2015-10-14 12:59:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidapi.dll
2015-10-14 12:59:04 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-14 12:59:04 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 21:21:34 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-10-13 21:18:21 ----D---- C:\Users\Lukas\AppData\Roaming\Awesomium
======List of files/folders modified in the last 1 month======
2015-11-09 20:30:45 ----D---- C:\Windows\Temp
2015-11-09 20:28:36 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2015-11-09 18:29:53 ----D---- C:\Users\Lukas\AppData\Roaming\Curse Client
2015-11-09 16:09:48 ----D---- C:\Program Files (x86)\TeamViewer
2015-11-09 16:09:47 ----D---- C:\Windows\system32\Tasks
2015-11-09 16:05:45 ----D---- C:\Windows\System32
2015-11-09 16:05:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-09 16:05:44 ----D---- C:\Windows\inf
2015-11-09 16:02:55 ----D---- C:\Windows\system32\config
2015-11-09 16:01:53 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-09 16:00:01 ----D---- C:\Windows\system32\catroot2
2015-11-09 15:59:41 ----D---- C:\Windows\system32\drivers
2015-11-09 15:59:41 ----D---- C:\Windows\SoftwareDistribution
2015-11-09 15:45:05 ----RD---- C:\Program Files
2015-11-09 15:42:30 ----D---- C:\Windows\system32\DriverStore
2015-11-09 15:42:29 ----SHD---- C:\System Volume Information
2015-11-08 17:23:39 ----HD---- C:\ProgramData
2015-10-31 10:13:05 ----D---- C:\Users\Lukas\AppData\Roaming\Raptr
2015-10-31 10:12:45 ----D---- C:\Program Files (x86)\Raptr
2015-10-24 20:59:03 ----D---- C:\Windows\system32\NDF
2015-10-23 12:48:06 ----SHD---- C:\Windows\Installer
2015-10-23 12:48:06 ----D---- C:\ProgramData\Skype
2015-10-16 22:15:22 ----D---- C:\Windows\Tasks
2015-10-16 18:04:57 ----D---- C:\Windows\SYSWOW64\drivers
2015-10-16 18:03:31 ----RSD---- C:\Windows\assembly
2015-10-16 18:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-16 18:01:06 ----RD---- C:\Program Files (x86)
2015-10-16 07:22:38 ----D---- C:\Windows\rescache
2015-10-15 20:54:05 ----D---- C:\Windows\winsxs
2015-10-15 20:54:04 ----SD---- C:\Windows\system32\CompatTel
2015-10-15 20:54:04 ----D---- C:\Windows\system32\appraiser
2015-10-15 20:54:04 ----D---- C:\Windows\AppPatch
2015-10-15 17:41:48 ----RD---- C:\Program Files (x86)\Skype
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Windows\SysWOW64
2015-10-15 02:23:07 ----D---- C:\Windows\system32\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Program Files\Internet Explorer
2015-10-15 02:23:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 02:23:06 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 02:23:06 ----D---- C:\Windows\system32\Boot
2015-10-15 02:07:58 ----D---- C:\Windows\system32\MRT
2015-10-15 02:03:47 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-07-14 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-05-17 4644184]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2015-05-17 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-23 56600]
R3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [2015-06-18 16376]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-09-02 8704]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-01-20 325912]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 2594584]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-05 836176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S2 MBAMService;MBAMService; D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-07-06 238376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukas at 2015-11-09 20:30:46
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 60 GB (53%) free of 114 GB
Total RAM: 4078 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:48, on 9.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
D:\STAZENE_SOUBORY\Steam\steam.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
D:\STAZENE_SOUBORY\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
D:\STAZENE_SOUBORY\Steam\GameOverlayUI.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Lukas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Steam] "D:\STAZENE_SOUBORY\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Curse.lnk = C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9708 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
atieclxx
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"D:\STAZENE_SOUBORY\iTunesHelper.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"taskhost.exe"
"D:\STAZENE_SOUBORY\Steam\steam.exe" "steam://rungameid/730"
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Lukas\AppData\Local\Steam\htmlcache" -steampid=3768 -buildid=1446742416 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\STAZENE_SOUBORY\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe" -steam
D:\STAZENE_SOUBORY\Steam\GameOverlayUI.exe -pid 5620 -manuallyclearframes 0
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="3124.2.1084159092\392570222" --font-cache-shared-handle=2196 /prefetch:673131151
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="3124.3.454416311\1618793690" --font-cache-shared-handle=1000 /prefetch:673131151
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="3124.4.9017666\2059600095" --font-cache-shared-handle=2960 /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"D:\STAZENE_SOUBORY\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3366924045-2678515270-3320482772-1000Core.job - C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3366924045-2678515270-3320482772-1000UA.job - C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"iTunesHelper"=D:\STAZENE_SOUBORY\iTunesHelper.exe [2015-08-13 170256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\STAZENE_SOUBORY\Steam\steam.exe [2015-11-05 3011152]
"DAEMON Tools Ultra Agent"=D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe -autorun []
"DAEMON Tools Pro Agent"=D:\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-09-24 1095704]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
"Facebook Update"=C:\Users\Lukas\AppData\Local\Facebook\Update\FacebookUpdate.exe [2015-10-16 138096]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-10-01 56080]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Curse.lnk - C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
Facebook Messenger.lnk - C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-09 15:49:30 ----D---- C:\AdwCleaner
2015-11-09 15:45:05 ----D---- C:\Program Files\trend micro
2015-11-09 15:45:04 ----D---- C:\rsit
2015-11-09 15:42:19 ----A---- C:\Windows\system32\drivers\TVMonitor.sys
2015-11-08 17:24:48 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-11-08 17:23:39 ----D---- C:\ProgramData\Malwarebytes
2015-10-16 18:04:57 ----A---- C:\Windows\SYSWOW64\drivers\SECDRV.SYS
2015-10-16 18:01:06 ----D---- C:\Program Files (x86)\Sega
2015-10-15 12:57:51 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 12:57:51 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 13:05:14 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 13:05:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-14 13:05:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 13:05:11 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-14 13:04:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-14 13:04:40 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-14 13:04:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 13:04:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\iernonce.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 13:04:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 13:04:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 13:04:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\occache.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-14 13:04:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 13:04:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 13:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 13:04:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 13:04:29 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 13:04:28 ----A---- C:\Windows\system32\iesetup.dll
2015-10-14 13:04:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 13:04:24 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 13:04:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-14 13:04:22 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 13:04:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 13:04:21 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 13:04:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 13:04:18 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\msrating.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:04:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups2.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-14 13:01:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-14 13:01:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-14 13:01:28 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 13:01:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\wow64.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\srcore.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\conhost.exe
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\winsrv.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\rstrui.exe
2015-10-14 13:01:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\kerberos.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\sspicli.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\smss.exe
2015-10-14 13:01:25 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\lsass.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\auditpol.exe
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64win.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\credssp.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-14 13:01:20 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\adtschema.dll
2015-10-14 13:01:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-14 13:01:17 ----A---- C:\Windows\system32\msobjs.dll
2015-10-14 12:59:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidapi.dll
2015-10-14 12:59:04 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-14 12:59:04 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 21:21:34 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-10-13 21:18:21 ----D---- C:\Users\Lukas\AppData\Roaming\Awesomium
======List of files/folders modified in the last 1 month======
2015-11-09 20:30:45 ----D---- C:\Windows\Temp
2015-11-09 20:28:36 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2015-11-09 18:29:53 ----D---- C:\Users\Lukas\AppData\Roaming\Curse Client
2015-11-09 16:09:48 ----D---- C:\Program Files (x86)\TeamViewer
2015-11-09 16:09:47 ----D---- C:\Windows\system32\Tasks
2015-11-09 16:05:45 ----D---- C:\Windows\System32
2015-11-09 16:05:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-09 16:05:44 ----D---- C:\Windows\inf
2015-11-09 16:02:55 ----D---- C:\Windows\system32\config
2015-11-09 16:01:53 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-09 16:00:01 ----D---- C:\Windows\system32\catroot2
2015-11-09 15:59:41 ----D---- C:\Windows\system32\drivers
2015-11-09 15:59:41 ----D---- C:\Windows\SoftwareDistribution
2015-11-09 15:45:05 ----RD---- C:\Program Files
2015-11-09 15:42:30 ----D---- C:\Windows\system32\DriverStore
2015-11-09 15:42:29 ----SHD---- C:\System Volume Information
2015-11-08 17:23:39 ----HD---- C:\ProgramData
2015-10-31 10:13:05 ----D---- C:\Users\Lukas\AppData\Roaming\Raptr
2015-10-31 10:12:45 ----D---- C:\Program Files (x86)\Raptr
2015-10-24 20:59:03 ----D---- C:\Windows\system32\NDF
2015-10-23 12:48:06 ----SHD---- C:\Windows\Installer
2015-10-23 12:48:06 ----D---- C:\ProgramData\Skype
2015-10-16 22:15:22 ----D---- C:\Windows\Tasks
2015-10-16 18:04:57 ----D---- C:\Windows\SYSWOW64\drivers
2015-10-16 18:03:31 ----RSD---- C:\Windows\assembly
2015-10-16 18:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-16 18:01:06 ----RD---- C:\Program Files (x86)
2015-10-16 07:22:38 ----D---- C:\Windows\rescache
2015-10-15 20:54:05 ----D---- C:\Windows\winsxs
2015-10-15 20:54:04 ----SD---- C:\Windows\system32\CompatTel
2015-10-15 20:54:04 ----D---- C:\Windows\system32\appraiser
2015-10-15 20:54:04 ----D---- C:\Windows\AppPatch
2015-10-15 17:41:48 ----RD---- C:\Program Files (x86)\Skype
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Windows\SysWOW64
2015-10-15 02:23:07 ----D---- C:\Windows\system32\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Program Files\Internet Explorer
2015-10-15 02:23:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 02:23:06 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 02:23:06 ----D---- C:\Windows\system32\Boot
2015-10-15 02:07:58 ----D---- C:\Windows\system32\MRT
2015-10-15 02:03:47 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-07-14 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-05-17 4644184]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2015-05-17 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-23 56600]
R3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [2015-06-18 16376]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-09-02 8704]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-01-20 325912]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 2594584]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-05 836176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S2 MBAMService;MBAMService; D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-07-06 238376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: The computer types by itself
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it, copy the script below into the left-hand window and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
:files
C:\Program Files (x86)\Skype\Toolbars
C:\Users\Lukas\AppData\Local\Facebook\Update
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3366924045-2678515270-3320482772-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3366924045-2678515270-3320482772-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]/64
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
:services
c2cautoupdatesvc
c2cpnrsvc
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: The computer types by itself
here
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukas at 2015-11-09 21:01:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (54%) free of 114 GB
Total RAM: 4078 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:01:20, on 9.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
D:\STAZENE_SOUBORY\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Lukas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Steam] "D:\STAZENE_SOUBORY\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Curse.lnk = C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9256 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
atieclxx
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {D541B357-74A4-4C7A-82A2-169CF32F5045}
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"D:\STAZENE_SOUBORY\iTunesHelper.exe"
"D:\STAZENE_SOUBORY\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe" /startup
"C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Lukas\AppData\Local\Steam\htmlcache" -steampid=2940 -buildid=1446742416 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"D:\STAZENE_SOUBORY\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"iTunesHelper"=D:\STAZENE_SOUBORY\iTunesHelper.exe [2015-08-13 170256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\STAZENE_SOUBORY\Steam\steam.exe [2015-11-05 3011152]
"DAEMON Tools Ultra Agent"=D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe -autorun []
"DAEMON Tools Pro Agent"=D:\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-09-24 1095704]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-10-01 56080]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Curse.lnk - C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
Facebook Messenger.lnk - C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-09 15:49:30 ----D---- C:\AdwCleaner
2015-11-09 15:45:05 ----D---- C:\Program Files\trend micro
2015-11-09 15:45:04 ----D---- C:\rsit
2015-11-09 15:42:19 ----A---- C:\Windows\system32\drivers\TVMonitor.sys
2015-11-08 17:24:48 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-11-08 17:23:39 ----D---- C:\ProgramData\Malwarebytes
2015-10-16 18:04:57 ----A---- C:\Windows\SYSWOW64\drivers\SECDRV.SYS
2015-10-16 18:01:06 ----D---- C:\Program Files (x86)\Sega
2015-10-15 12:57:51 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 12:57:51 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 13:05:14 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 13:05:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-14 13:05:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 13:05:11 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-14 13:04:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-14 13:04:40 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-14 13:04:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 13:04:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\iernonce.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 13:04:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 13:04:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 13:04:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\occache.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-14 13:04:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 13:04:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 13:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 13:04:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 13:04:29 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 13:04:28 ----A---- C:\Windows\system32\iesetup.dll
2015-10-14 13:04:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 13:04:24 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 13:04:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-14 13:04:22 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 13:04:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 13:04:21 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 13:04:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 13:04:18 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\msrating.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:04:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups2.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-14 13:01:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-14 13:01:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-14 13:01:28 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 13:01:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\wow64.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\srcore.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\conhost.exe
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\winsrv.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\rstrui.exe
2015-10-14 13:01:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\kerberos.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\sspicli.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\smss.exe
2015-10-14 13:01:25 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\lsass.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\auditpol.exe
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64win.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\credssp.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-14 13:01:20 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\adtschema.dll
2015-10-14 13:01:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-14 13:01:17 ----A---- C:\Windows\system32\msobjs.dll
2015-10-14 12:59:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidapi.dll
2015-10-14 12:59:04 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-14 12:59:04 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 21:21:34 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-10-13 21:18:21 ----D---- C:\Users\Lukas\AppData\Roaming\Awesomium
======List of files/folders modified in the last 1 month======
2015-11-09 21:01:07 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2015-11-09 21:00:57 ----D---- C:\Users\Lukas\AppData\Roaming\Curse Client
2015-11-09 20:59:31 ----D---- C:\Windows\Temp
2015-11-09 20:59:30 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-09 20:57:17 ----D---- C:\Windows\Tasks
2015-11-09 16:09:48 ----D---- C:\Program Files (x86)\TeamViewer
2015-11-09 16:09:47 ----D---- C:\Windows\system32\Tasks
2015-11-09 16:05:45 ----D---- C:\Windows\System32
2015-11-09 16:05:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-09 16:05:44 ----D---- C:\Windows\inf
2015-11-09 16:02:55 ----D---- C:\Windows\system32\config
2015-11-09 16:00:01 ----D---- C:\Windows\system32\catroot2
2015-11-09 15:59:41 ----D---- C:\Windows\system32\drivers
2015-11-09 15:59:41 ----D---- C:\Windows\SoftwareDistribution
2015-11-09 15:45:05 ----RD---- C:\Program Files
2015-11-09 15:42:30 ----D---- C:\Windows\system32\DriverStore
2015-11-09 15:42:29 ----SHD---- C:\System Volume Information
2015-11-08 17:23:39 ----HD---- C:\ProgramData
2015-10-31 10:13:05 ----D---- C:\Users\Lukas\AppData\Roaming\Raptr
2015-10-31 10:12:45 ----D---- C:\Program Files (x86)\Raptr
2015-10-24 20:59:03 ----D---- C:\Windows\system32\NDF
2015-10-23 12:48:06 ----SHD---- C:\Windows\Installer
2015-10-23 12:48:06 ----D---- C:\ProgramData\Skype
2015-10-16 18:04:57 ----D---- C:\Windows\SYSWOW64\drivers
2015-10-16 18:03:31 ----RSD---- C:\Windows\assembly
2015-10-16 18:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-16 18:01:06 ----RD---- C:\Program Files (x86)
2015-10-16 07:22:38 ----D---- C:\Windows\rescache
2015-10-15 20:54:05 ----D---- C:\Windows\winsxs
2015-10-15 20:54:04 ----SD---- C:\Windows\system32\CompatTel
2015-10-15 20:54:04 ----D---- C:\Windows\system32\appraiser
2015-10-15 20:54:04 ----D---- C:\Windows\AppPatch
2015-10-15 17:41:48 ----RD---- C:\Program Files (x86)\Skype
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Windows\SysWOW64
2015-10-15 02:23:07 ----D---- C:\Windows\system32\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Program Files\Internet Explorer
2015-10-15 02:23:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 02:23:06 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 02:23:06 ----D---- C:\Windows\system32\Boot
2015-10-15 02:07:58 ----D---- C:\Windows\system32\MRT
2015-10-15 02:03:47 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-07-14 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-05-17 4644184]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2015-05-17 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-23 56600]
R3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [2015-06-18 16376]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-09-02 8704]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-05 836176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-01-20 325912]
S2 MBAMService;MBAMService; D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 2594584]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-07-06 238376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukas at 2015-11-09 21:01:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 62 GB (54%) free of 114 GB
Total RAM: 4078 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:01:20, on 9.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal
Running processes:
D:\STAZENE_SOUBORY\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe
C:\Program Files\trend micro\Lukas.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Steam] "D:\STAZENE_SOUBORY\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "D:\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Curse.lnk = C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
O4 - Startup: Facebook Messenger.lnk = C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9256 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
atieclxx
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\sppsvc.exe
taskeng.exe {D541B357-74A4-4C7A-82A2-169CF32F5045}
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"D:\STAZENE_SOUBORY\iTunesHelper.exe"
"D:\STAZENE_SOUBORY\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe" /startup
"C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"D:\STAZENE_SOUBORY\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Lukas\AppData\Local\Steam\htmlcache" -steampid=2940 -buildid=1446742416 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"D:\STAZENE_SOUBORY\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2015-01-28 5595848]
"iTunesHelper"=D:\STAZENE_SOUBORY\iTunesHelper.exe [2015-08-13 170256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=D:\STAZENE_SOUBORY\Steam\steam.exe [2015-11-05 3011152]
"DAEMON Tools Ultra Agent"=D:\STAZENE_SOUBORY\DAEMON Tools Ultra\DTAgent.exe -autorun []
"DAEMON Tools Pro Agent"=D:\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"MK LOL"=C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [2015-09-24 1095704]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-10-01 56080]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Curse.lnk - C:\Users\Lukas\AppData\Roaming\Curse Client\Bin\Curse.exe
Facebook Messenger.lnk - C:\Users\Lukas\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-26 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-09 15:49:30 ----D---- C:\AdwCleaner
2015-11-09 15:45:05 ----D---- C:\Program Files\trend micro
2015-11-09 15:45:04 ----D---- C:\rsit
2015-11-09 15:42:19 ----A---- C:\Windows\system32\drivers\TVMonitor.sys
2015-11-08 17:24:48 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-11-08 17:24:17 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-11-08 17:23:39 ----D---- C:\ProgramData\Malwarebytes
2015-10-16 18:04:57 ----A---- C:\Windows\SYSWOW64\drivers\SECDRV.SYS
2015-10-16 18:01:06 ----D---- C:\Program Files (x86)\Sega
2015-10-15 12:57:51 ----A---- C:\Windows\system32\invagent.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\generaltel.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\devinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-15 12:57:51 ----A---- C:\Windows\system32\appraiser.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\aeinv.dll
2015-10-15 12:57:51 ----A---- C:\Windows\system32\acmigration.dll
2015-10-14 13:05:14 ----A---- C:\Windows\system32\shell32.dll
2015-10-14 13:05:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-14 13:05:12 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-14 13:05:11 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-14 13:04:40 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-10-14 13:04:40 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-10-14 13:04:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-10-14 13:04:39 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-10-14 13:04:38 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\iernonce.dll
2015-10-14 13:04:38 ----A---- C:\Windows\system32\ie4uinit.exe
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-10-14 13:04:37 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-10-14 13:04:36 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-10-14 13:04:36 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 13:04:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-10-14 13:04:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-10-14 13:04:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\urlmon.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\occache.dll
2015-10-14 13:04:32 ----A---- C:\Windows\system32\iedkcs32.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-10-14 13:04:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-10-14 13:04:31 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-10-14 13:04:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-10-14 13:04:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 13:04:30 ----A---- C:\Windows\system32\dxtrans.dll
2015-10-14 13:04:29 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-10-14 13:04:29 ----A---- C:\Windows\system32\msfeeds.dll
2015-10-14 13:04:28 ----A---- C:\Windows\system32\iesetup.dll
2015-10-14 13:04:27 ----A---- C:\Windows\system32\ieapfltr.dll
2015-10-14 13:04:24 ----A---- C:\Windows\system32\iertutil.dll
2015-10-14 13:04:23 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-10-14 13:04:22 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-10-14 13:04:22 ----A---- C:\Windows\system32\vbscript.dll
2015-10-14 13:04:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-10-14 13:04:21 ----A---- C:\Windows\system32\jsproxy.dll
2015-10-14 13:04:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\ieui.dll
2015-10-14 13:04:19 ----A---- C:\Windows\system32\dxtmsft.dll
2015-10-14 13:04:18 ----A---- C:\Windows\system32\ieframe.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-10-14 13:04:17 ----A---- C:\Windows\system32\mshtmled.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\webcheck.dll
2015-10-14 13:04:16 ----A---- C:\Windows\system32\ieUnatt.exe
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript9diag.dll
2015-10-14 13:04:15 ----A---- C:\Windows\system32\jscript.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\wininet.dll
2015-10-14 13:04:14 ----A---- C:\Windows\system32\jscript9.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\msrating.dll
2015-10-14 13:04:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-10-14 13:04:10 ----A---- C:\Windows\system32\mshtml.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuwebv.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups2.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wups.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wudriver.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wucltux.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuaueng.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuauclt.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapp.exe
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wuapi.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 13:02:15 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-10-14 13:01:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-10-14 13:01:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-10-14 13:01:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\kernel32.dll
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-10-14 13:01:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-10-14 13:01:28 ----A---- C:\Windows\system32\ntdll.dll
2015-10-14 13:01:27 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\wow64.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\srcore.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\rpcrt4.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-10-14 13:01:27 ----A---- C:\Windows\system32\conhost.exe
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-10-14 13:01:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\winsrv.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\schannel.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\rstrui.exe
2015-10-14 13:01:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-10-14 13:01:26 ----A---- C:\Windows\system32\kerberos.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-10-14 13:01:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\wdigest.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\TSpkg.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\sspicli.dll
2015-10-14 13:01:25 ----A---- C:\Windows\system32\smss.exe
2015-10-14 13:01:25 ----A---- C:\Windows\system32\ncrypt.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\srclient.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\ntvdm64.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\lsass.exe
2015-10-14 13:01:24 ----A---- C:\Windows\system32\csrsrv.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\cryptbase.dll
2015-10-14 13:01:24 ----A---- C:\Windows\system32\auditpol.exe
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-10-14 13:01:23 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64win.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\wow64cpu.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\sspisrv.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\secur32.dll
2015-10-14 13:01:23 ----A---- C:\Windows\system32\credssp.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 13:01:22 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-10-14 13:01:22 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-10-14 13:01:22 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 13:01:21 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 13:01:20 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-10-14 13:01:20 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-10-14 13:01:20 ----A---- C:\Windows\system32\apisetschema.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 13:01:19 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\user.exe
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\msaudite.dll
2015-10-14 13:01:18 ----A---- C:\Windows\system32\adtschema.dll
2015-10-14 13:01:17 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-10-14 13:01:17 ----A---- C:\Windows\system32\msobjs.dll
2015-10-14 12:59:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 12:59:05 ----A---- C:\Windows\system32\appidapi.dll
2015-10-14 12:59:04 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-14 12:59:04 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 12:58:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 12:58:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 12:58:30 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 21:21:34 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-10-13 21:18:21 ----D---- C:\Users\Lukas\AppData\Roaming\Awesomium
======List of files/folders modified in the last 1 month======
2015-11-09 21:01:07 ----D---- C:\Users\Lukas\AppData\Roaming\Skype
2015-11-09 21:00:57 ----D---- C:\Users\Lukas\AppData\Roaming\Curse Client
2015-11-09 20:59:31 ----D---- C:\Windows\Temp
2015-11-09 20:59:30 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-09 20:57:17 ----D---- C:\Windows\Tasks
2015-11-09 16:09:48 ----D---- C:\Program Files (x86)\TeamViewer
2015-11-09 16:09:47 ----D---- C:\Windows\system32\Tasks
2015-11-09 16:05:45 ----D---- C:\Windows\System32
2015-11-09 16:05:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-09 16:05:44 ----D---- C:\Windows\inf
2015-11-09 16:02:55 ----D---- C:\Windows\system32\config
2015-11-09 16:00:01 ----D---- C:\Windows\system32\catroot2
2015-11-09 15:59:41 ----D---- C:\Windows\system32\drivers
2015-11-09 15:59:41 ----D---- C:\Windows\SoftwareDistribution
2015-11-09 15:45:05 ----RD---- C:\Program Files
2015-11-09 15:42:30 ----D---- C:\Windows\system32\DriverStore
2015-11-09 15:42:29 ----SHD---- C:\System Volume Information
2015-11-08 17:23:39 ----HD---- C:\ProgramData
2015-10-31 10:13:05 ----D---- C:\Users\Lukas\AppData\Roaming\Raptr
2015-10-31 10:12:45 ----D---- C:\Program Files (x86)\Raptr
2015-10-24 20:59:03 ----D---- C:\Windows\system32\NDF
2015-10-23 12:48:06 ----SHD---- C:\Windows\Installer
2015-10-23 12:48:06 ----D---- C:\ProgramData\Skype
2015-10-16 18:04:57 ----D---- C:\Windows\SYSWOW64\drivers
2015-10-16 18:03:31 ----RSD---- C:\Windows\assembly
2015-10-16 18:01:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-10-16 18:01:06 ----RD---- C:\Program Files (x86)
2015-10-16 07:22:38 ----D---- C:\Windows\rescache
2015-10-15 20:54:05 ----D---- C:\Windows\winsxs
2015-10-15 20:54:04 ----SD---- C:\Windows\system32\CompatTel
2015-10-15 20:54:04 ----D---- C:\Windows\system32\appraiser
2015-10-15 20:54:04 ----D---- C:\Windows\AppPatch
2015-10-15 17:41:48 ----RD---- C:\Program Files (x86)\Skype
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Windows\SysWOW64
2015-10-15 02:23:07 ----D---- C:\Windows\system32\en-US
2015-10-15 02:23:07 ----D---- C:\Windows\system32\cs-CZ
2015-10-15 02:23:07 ----D---- C:\Program Files\Internet Explorer
2015-10-15 02:23:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-10-15 02:23:06 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-15 02:23:06 ----D---- C:\Windows\system32\Boot
2015-10-15 02:07:58 ----D---- C:\Windows\system32\MRT
2015-10-15 02:03:47 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-07-14 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2015-03-10 159480]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-05-17 4644184]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2015-05-17 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-23 56600]
R3 MonitorFunction;Driver for Monitor; C:\Windows\system32\DRIVERS\TVMonitor.sys [2015-06-18 16376]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 77128]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2015-01-28 1349576]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-09-02 8704]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 644880]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-05 836176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-01-20 325912]
S2 MBAMService;MBAMService; D:\STAZENE_SOUBORY\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-20 2594584]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-07-06 238376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-17 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-19 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: The computer types by itself
Double-click the file C:\Program Files\trend micro\Lukas.exe to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (file missing)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: The computer types by itself
Good day. It looks like everything is fine now.
Thank you very much

- Rudy
- Site Admin
- Posts: 119356
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: The computer types by itself
You're welcome!
