
Prevention after virus removal

#1 Post by Gunik »

Hello.

I am asking for a preventive check after the removal of the virus Trojan:win32/Dynamer!ac, which Windows Defender found.
Thank you.

-------------------------------------------------------------------------------------------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Markalous at 2016-02-05 11:18:50
Microsoft Windows 10 Home
System drive C: has 268 GB (70%) free of 381 GB
Total RAM: 8081 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:19:21, on 05.02.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\APRP\aprp.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe
C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
C:\Program Files\trend micro\Markalous.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKLM\..\Run: [EaseUS TB Tray Agent] "C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_5D7D4019F38896730918709ABCFDAEC2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe
O23 - Service: Asus GiftBox Desktop (ASUSGiftBoxDekstop) - ASUS - C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: cgm.ecommunication-1 - CompuGroup Medical Česká republika s.r.o. - D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DriverMFTService - ASUSTek Computer Inc. - C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe
O23 - Service: EaseUS Agent Service (EaseUS Agent) - CHENGDU YIWO Tech Development Co., Ltd - C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HCS.MedConnect.Service - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe
O23 - Service: HCS.MEDCONNECT.SERVICEMANAGER - HCS GmbH - D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: WPS Office Update Service (Kingsoft_WPS_UpdateService) - Zhuhai Kingsoft Office Software Co.,Ltd - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: CryptoPlus XME Engine Service (xmengine service) - Monet+, a.s. - C:\Windows\SysWOW64\xmesrv.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14134 bytes

======Listing Processes======








C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe"
D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe
D:\CGMSERVER\bin\core\cgm.servercore.exe
C:\Windows\system32\CxAudMsg64.exe
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe"
"C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe"
"C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\Windows\SysWOW64\xmesrv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel

"C:\Windows\system32\SAsrv.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\WLANExt.exe 1993491176384
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 8136f368-8d74-4c5b-bc76-de343f81e478
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
dashost.exe {327547bb-d910-4b32-9cb0f2f3201fdd65}


C:\WINDOWS\System32\vds.exe
"D:\CGMSERVER\jre\bin\java.exe" -Xms50m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath="D:\CGMSERVER\logs\java.dump" -jar ..\jetty\start.jar STOP.KEY=cgm.jetty.stop STOP.PORT=12384
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
CMD /C ""D:/CGMSERVER/bin/pgsql/bin/postgres.exe" -D "D:/CGMSERVER/data/pgsql" < "nul" >> "D:\CGMSERVER\logs\pg_ctl.log" 2>&1"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" -D "D:/CGMSERVER/data/pgsql"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forklog" "5168" "5172"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 33C844AC-DC6F-7393-C76D-0F7834EBB015 -Reinvoke
"C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe"
sihost.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
taskeng.exe {2377C036-179D-4BA3-A750-B812A07521F8}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkboot" "5016" "-x3"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkboot" "4984" "-x4"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkavlauncher" "5156"
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkcol" "4980"
"C:\Program Files (x86)\ASUS\APRP\aprp.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 620 624 632 8192 628
"D:/CGMSERVER/bin/pgsql/bin/postgres.exe" "--forkbackend" "5048"
C:\WINDOWS\explorer.exe /factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Users\Markalous\Desktop\Údržba\RSITx64.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe"
"C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe"
"C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-1903383002-3755401707-383608710-10012_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-1903383002-3755401707-383608710-10012 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"

"C:\Program Files\Conexant\SAII\SmartAudio.exe" /c
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://www.trendmicro.com/go/hjt/error/ ... D2%2E0%2E4"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="9208.0.254230276\2097786689" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.15.4256 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 
--channel="9208.1.300584108\2140631826" --font-cache-shared-handle=2284 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/EnabledFull/AutofillProfileOrderByFrecency/Enabled/AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*ExtensionActionRedesign/Default/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*LocalNTPSuggestionsService/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A1/*PageRevisitInstrumentation/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes/SafeBrowsingUpdateFrequency/Default/SlimmingPaint/EnableSlimmingPaint/SpdyEnableDependencies/Control/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Default/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 
--channel="9208.2.1023609293\1546732528" --font-cache-shared-handle=2480 /prefetch:673131151
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /svc

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\WpsNotifyTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe -from=task
C:\WINDOWS\tasks\WpsNotifyTask_Markalous.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe -from=task
C:\WINDOWS\tasks\WpsUpdateTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe -from=task
C:\WINDOWS\tasks\WpsUpdateTask_Markalous.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe -from=task

=========Mozilla firefox=========

ProfilePath - C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1222172.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.286 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default\extensions\
{a00bef25-f21a-4539-adbb-b179b29e2b92}

C:\Users\Markalous\AppData\Roaming\Mozilla\Firefox\Profiles\01v2w0b0.default\searchplugins\
McSiteAdvisor.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-11-13 3242696]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2015-06-10 599896]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-10-12 2655520]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-10-12 1710752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Markalous\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-11-13 548552]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-11-05 50264704]
"GoogleChromeAutoLaunch_5D7D4019F38896730918709ABCFDAEC2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-02-03 748872]
"uTorrent"=C:\Users\Markalous\AppData\Roaming\uTorrent\uTorrent.exe [2015-12-04 2026520]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe [2015-05-31 63272]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2015-12-08 24952456]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 596528]
"EaseUS EPM tray"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2015-09-16 2089056]
"EaseUS EPM Tray Agent"=C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\TrayPopupE\TrayTipAgentE.exe [2014-11-18 255072]
"EaseUS TB Tray Agent"=C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [2015-12-10 253992]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-02-05 11:18:51 ----D---- C:\Program Files\trend micro
2016-02-05 11:18:50 ----D---- C:\rsit
2016-02-04 22:37:20 ----D---- C:\ProgramData\Reality XP
2016-02-03 20:40:57 ----A---- C:\WINDOWS\system32\drivers\EuFdDisk.sys
2016-02-03 20:40:57 ----A---- C:\WINDOWS\system32\drivers\eudskacs.sys
2016-02-03 20:40:57 ----A---- C:\WINDOWS\system32\drivers\EUBKMON.sys
2016-02-03 20:40:57 ----A---- C:\WINDOWS\system32\drivers\eubakup.sys
2016-02-03 20:39:38 ----A---- C:\WINDOWS\system32\fbnative.exe
2016-02-03 20:38:09 ----A---- C:\WINDOWS\SYSWOW64\setupempdrv03.exe
2016-02-03 20:38:09 ----A---- C:\WINDOWS\SYSWOW64\EuGdiDrv.sys
2016-02-03 20:38:09 ----A---- C:\WINDOWS\SYSWOW64\EuEpmGdi.dll
2016-02-03 20:38:09 ----A---- C:\WINDOWS\SYSWOW64\epmntdrv.sys
2016-02-03 20:38:09 ----A---- C:\WINDOWS\SYSWOW64\BootMan.exe
2016-02-03 20:38:09 ----A---- C:\WINDOWS\system32\setupempdrvx64.exe
2016-02-03 20:38:09 ----A---- C:\WINDOWS\system32\EuGdiDrv.sys
2016-02-03 20:38:09 ----A---- C:\WINDOWS\system32\EuEpmGdi.dll
2016-02-03 20:38:09 ----A---- C:\WINDOWS\system32\epmntdrv.sys
2016-02-03 20:38:09 ----A---- C:\WINDOWS\system32\BootMan.exe
2016-02-03 20:38:01 ----D---- C:\Program Files (x86)\EaseUS
2016-02-03 19:33:56 ----D---- C:\Program Files\WBFS
2016-02-03 16:15:45 ----D---- C:\ProgramData\FLEXnet
2016-02-03 13:39:31 ----D---- C:\ProgramData\Licenses
2016-02-01 23:08:24 ----D---- C:\Users\Markalous\AppData\Roaming\Flight1 Aviation Technologies
2016-02-01 22:08:09 ----D---- C:\Users\Markalous\AppData\Roaming\Flight One Software
2016-01-28 08:22:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 08:22:26 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 08:22:25 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-01-28 08:22:24 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-01-28 08:22:24 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-01-28 08:22:23 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-28 08:22:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-01-28 08:22:20 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 08:22:19 ----A---- C:\WINDOWS\system32\windows.storage.dll
2016-01-28 08:22:19 ----A---- C:\WINDOWS\system32\twinui.dll
2016-01-28 08:22:18 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-01-28 08:22:17 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2016-01-28 08:22:17 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-01-28 08:22:16 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-01-28 08:22:15 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2016-01-28 08:22:15 ----A---- C:\WINDOWS\system32\shell32.dll
2016-01-28 08:22:14 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-01-28 08:22:14 ----A---- C:\WINDOWS\system32\mos.dll
2016-01-28 08:22:14 ----A---- C:\WINDOWS\system32\d2d1.dll
2016-01-28 08:22:12 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2016-01-28 08:22:11 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2016-01-28 08:22:11 ----A---- C:\WINDOWS\system32\InputService.dll
2016-01-28 08:22:11 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-01-28 08:22:11 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-01-28 08:22:10 ----A---- C:\WINDOWS\system32\WpcMon.exe
2016-01-28 08:22:10 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-01-28 08:22:09 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2016-01-28 08:22:09 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2016-01-28 08:22:09 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-01-28 08:22:08 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 08:22:08 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-01-28 08:22:08 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 08:22:07 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-01-28 08:22:07 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2016-01-28 08:22:07 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 08:22:07 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-28 08:22:06 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-01-28 08:22:06 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2016-01-28 08:22:06 ----A---- C:\WINDOWS\system32\msctf.dll
2016-01-28 08:22:06 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-01-28 08:22:06 ----A---- C:\WINDOWS\system32\AudioSes.dll
2016-01-28 08:22:05 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2016-01-28 08:22:05 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 08:22:05 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-01-28 08:22:05 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-28 08:22:04 ----A---- C:\WINDOWS\system32\wscsvc.dll
2016-01-28 08:22:04 ----A---- C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 08:22:04 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 08:22:04 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-28 08:22:04 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 08:22:03 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2016-01-28 08:22:03 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-01-28 08:22:03 ----A---- C:\WINDOWS\system32\MTFServer.dll
2016-01-28 08:22:03 ----A---- C:\WINDOWS\system32\MTF.dll
2016-01-28 08:22:03 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-01-28 08:22:03 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-01-28 08:22:02 ----A---- C:\WINDOWS\SYSWOW64\MTF.dll
2016-01-28 08:22:02 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2016-01-28 08:22:02 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 08:22:01 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-01-28 08:22:01 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-01-28 08:22:01 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 08:22:00 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2016-01-28 08:22:00 ----A---- C:\WINDOWS\SYSWOW64\SimCfg.dll
2016-01-28 08:22:00 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2016-01-28 08:22:00 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-01-28 08:22:00 ----A---- C:\WINDOWS\system32\srcore.dll
2016-01-28 08:22:00 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-01-28 08:21:59 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2016-01-28 08:21:59 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2016-01-28 08:21:59 ----A---- C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 08:21:59 ----A---- C:\WINDOWS\system32\SimCfg.dll
2016-01-28 08:21:58 ----A---- C:\WINDOWS\SYSWOW64\SimAuth.dll
2016-01-28 08:21:58 ----A---- C:\WINDOWS\system32\SimAuth.dll
2016-01-28 08:21:58 ----A---- C:\WINDOWS\system32\services.exe
2016-01-28 08:21:58 ----A---- C:\WINDOWS\system32\rasapi32.dll
2016-01-28 08:21:58 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 08:21:57 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2016-01-28 08:21:57 ----A---- C:\WINDOWS\system32\wscapi.dll
2016-01-28 08:21:57 ----A---- C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 08:21:57 ----A---- C:\WINDOWS\system32\rasdlg.dll
2016-01-28 08:21:57 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 08:21:57 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 08:21:57 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 08:21:56 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2016-01-28 08:21:56 ----A---- C:\WINDOWS\SYSWOW64\MapsBtSvc.dll
2016-01-28 08:21:56 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 08:21:56 ----A---- C:\WINDOWS\system32\DDDS.dll
2016-01-28 08:21:56 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 08:21:55 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2016-01-28 08:21:55 ----A---- C:\WINDOWS\system32\wlidcli.dll
2016-01-28 08:21:55 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 08:21:55 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 08:21:54 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-01-28 08:21:54 ----A---- C:\WINDOWS\system32\rastls.dll
2016-01-28 08:21:54 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 08:21:53 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 08:21:53 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 08:21:53 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-01-28 08:21:53 ----A---- C:\WINDOWS\system32\invagent.dll
2016-01-28 08:21:53 ----A---- C:\WINDOWS\system32\FilterDS.dll
2016-01-28 08:21:53 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-28 08:21:53 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-28 08:21:52 ----A---- C:\WINDOWS\SYSWOW64\pcaui.exe
2016-01-28 08:21:52 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 08:21:52 ----A---- C:\WINDOWS\system32\rasautou.exe
2016-01-28 08:21:52 ----A---- C:\WINDOWS\system32\pcaui.exe
2016-01-28 08:21:52 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2016-01-28 08:21:51 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2016-01-28 08:21:51 ----A---- C:\WINDOWS\SYSWOW64\winhttpcom.dll
2016-01-28 08:21:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 08:21:51 ----A---- C:\WINDOWS\SYSWOW64\rasautou.exe
2016-01-28 08:21:51 ----A---- C:\WINDOWS\system32\winbio.dll
2016-01-28 08:21:51 ----A---- C:\WINDOWS\system32\sscoreext.dll
2016-01-28 08:21:51 ----A---- C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 08:21:50 ----A---- C:\WINDOWS\SYSWOW64\winbio.dll
2016-01-28 08:21:50 ----A---- C:\WINDOWS\SYSWOW64\rastlsext.dll
2016-01-28 08:21:50 ----A---- C:\WINDOWS\SYSWOW64\rasadhlp.dll
2016-01-28 08:21:50 ----A---- C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 08:21:50 ----A---- C:\WINDOWS\system32\reseteng.dll
2016-01-28 08:21:50 ----A---- C:\WINDOWS\system32\rastlsext.dll
2016-01-28 08:21:50 ----A---- C:\WINDOWS\system32\rasauto.dll
2016-01-26 13:24:15 ----D---- C:\Users\Markalous\AppData\Roaming\PMDG
2016-01-26 13:00:55 ----D---- C:\Program Files (x86)\Aircraft
2016-01-20 09:27:07 ----D---- C:\ProgramData\firebird
2016-01-13 21:01:10 ----D---- C:\Users\Markalous\AppData\Roaming\HiFi
2016-01-13 20:50:11 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-01-13 20:50:11 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 20:50:11 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-13 20:50:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2016-01-13 20:50:06 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-01-13 20:50:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 20:50:06 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 20:50:05 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-01-13 20:50:05 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-01-13 20:50:04 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-01-13 20:50:04 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-01-13 20:50:04 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-01-13 20:50:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-01-13 20:50:04 ----A---- C:\WINDOWS\system32\usermgr.dll
2016-01-13 20:50:04 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-13 20:50:03 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2016-01-13 20:50:03 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-01-13 20:50:03 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 20:50:03 ----A---- C:\WINDOWS\system32\msxml6.dll
2016-01-13 20:50:03 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-13 20:50:03 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-01-13 20:50:02 ----A---- C:\WINDOWS\SYSWOW64\WMADMOD.DLL
2016-01-13 20:50:02 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-01-13 20:50:02 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 20:50:02 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 20:50:02 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-13 20:50:01 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-01-13 20:50:01 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 20:50:00 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOD.DLL
2016-01-13 20:50:00 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-01-13 20:50:00 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-13 20:50:00 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 20:49:59 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-01-13 20:49:59 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2016-01-13 20:49:59 ----A---- C:\WINDOWS\system32\winlogon.exe
2016-01-13 20:49:59 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-13 20:49:58 ----A---- C:\WINDOWS\SYSWOW64\mftranscode.dll
2016-01-13 20:49:58 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2016-01-13 20:49:58 ----A---- C:\WINDOWS\system32\uReFS.dll
2016-01-13 20:49:58 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-13 20:49:58 ----A---- C:\WINDOWS\system32\PhoneService.dll
2016-01-13 20:49:58 ----A---- C:\WINDOWS\system32\mftranscode.dll
2016-01-13 20:49:58 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 20:49:58 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-13 20:49:57 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2016-01-13 20:49:57 ----A---- C:\WINDOWS\SYSWOW64\MP3DMOD.DLL
2016-01-13 20:49:57 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 20:49:57 ----A---- C:\WINDOWS\system32\winload.exe
2016-01-13 20:49:57 ----A---- C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 20:49:57 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-01-13 20:49:57 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-13 20:49:57 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 20:49:56 ----A---- C:\WINDOWS\SYSWOW64\usermgrcli.dll
2016-01-13 20:49:56 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2016-01-13 20:49:56 ----A---- C:\WINDOWS\SYSWOW64\ProximityCommon.dll
2016-01-13 20:49:56 ----A---- C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 20:49:56 ----A---- C:\WINDOWS\system32\omadmclient.exe
2016-01-13 20:49:56 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2016-01-13 20:49:55 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOE.DLL
2016-01-13 20:49:55 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-13 20:49:55 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 20:49:55 ----A---- C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 20:49:55 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 20:49:55 ----A---- C:\WINDOWS\system32\DscCore.dll
2016-01-13 20:49:55 ----A---- C:\WINDOWS\system32\drivers\BthLEEnum.sys
2016-01-13 20:49:55 ----A---- C:\WINDOWS\system32\aitstatic.exe
2016-01-13 20:49:54 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-01-13 20:49:54 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2016-01-13 20:49:54 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-12 11:56:41 ----D---- C:\Users\Markalous\AppData\Roaming\Virtuali
2016-01-12 11:56:18 ----D---- C:\ProgramData\Esellerate
2016-01-12 11:56:10 ----D---- C:\ProgramData\Virtuali
2016-01-09 09:33:57 ----AD---- C:\WINDOWS\SYSWOW64\Adobe
2016-01-08 20:30:28 ----D---- C:\Users\Markalous\AppData\Roaming\FS2Crew2010
2016-01-08 16:37:44 ----D---- C:\Program Files (x86)\Disney Interactive Studios

======List of files/folders modified in the last 1 month======

2016-02-05 11:19:04 ----D---- C:\WINDOWS\Prefetch
2016-02-05 11:18:51 ----RD---- C:\Program Files
2016-02-05 11:18:45 ----D---- C:\WINDOWS\Temp
2016-02-05 11:18:04 ----D---- C:\WINDOWS\System32
2016-02-05 11:18:04 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-05 11:16:40 ----D---- C:\WINDOWS\system32\drivers
2016-02-05 11:16:21 ----D---- C:\WINDOWS\system32\sru
2016-02-05 11:15:55 ----D---- C:\Users\Markalous\AppData\Roaming\uTorrent
2016-02-05 11:15:46 ----AD---- C:\ProgramData\Temp
2016-02-05 11:01:42 ----SHD---- C:\System Volume Information
2016-02-05 10:10:11 ----D---- C:\Windows
2016-02-05 10:05:16 ----D---- C:\WINDOWS\Logs
2016-02-05 10:05:16 ----D---- C:\WINDOWS\INF
2016-02-05 10:05:16 ----D---- C:\WINDOWS\debug
2016-02-05 10:02:14 ----RD---- C:\Program Files (x86)
2016-02-05 08:49:15 ----D---- C:\WINDOWS\system32\Tasks
2016-02-05 08:36:06 ----D---- C:\WINDOWS\AppReadiness
2016-02-05 08:31:42 ----D---- C:\WINDOWS\system32\config
2016-02-05 08:21:55 ----HD---- C:\Program Files\WindowsApps
2016-02-05 08:15:43 ----D---- C:\WINDOWS\Microsoft.NET
2016-02-04 23:36:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-02-04 22:37:20 ----HD---- C:\ProgramData
2016-02-04 21:37:45 ----SHDC---- C:\WINDOWS\Installer
2016-02-04 20:24:45 ----D---- C:\WINDOWS\SysWOW64
2016-02-04 18:57:21 ----D---- C:\WINDOWS\SYSWOW64\directx
2016-02-04 13:12:59 ----RSD---- C:\WINDOWS\assembly
2016-02-04 13:12:41 ----RSD---- C:\WINDOWS\Fonts
2016-02-03 20:21:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-03 20:04:16 ----SD---- C:\ProgramData\Microsoft
2016-02-03 17:51:26 ----AD---- C:\Program Files (x86)\Dialog MIS
2016-02-03 15:38:06 ----D---- C:\WINDOWS\WinSxS
2016-02-03 12:23:14 ----D---- C:\Program Files (x86)\Common Files
2016-02-02 10:48:04 ----SD---- C:\Users\Markalous\AppData\Roaming\Microsoft
2016-02-01 20:30:29 ----D---- C:\WINDOWS\Tasks
2016-01-29 08:52:39 ----D---- C:\WINDOWS\rescache
2016-01-29 08:31:21 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-28 12:12:41 ----D---- C:\WINDOWS\SYSWOW64\migration
2016-01-28 12:12:37 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-01-28 12:12:36 ----D---- C:\WINDOWS\system32\oobe
2016-01-28 12:12:36 ----D---- C:\WINDOWS\system32\migration
2016-01-28 12:12:35 ----SD---- C:\WINDOWS\system32\F12
2016-01-28 12:12:35 ----D---- C:\WINDOWS\system32\appraiser
2016-01-28 12:12:29 ----RD---- C:\WINDOWS\PurchaseDialog
2016-01-28 12:12:29 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-01-28 12:12:28 ----D---- C:\WINDOWS\bcastdvr
2016-01-28 12:12:28 ----D---- C:\WINDOWS\AppPatch
2016-01-28 11:10:36 ----D---- C:\WINDOWS\CbsTemp
2016-01-28 08:10:51 ----D---- C:\WINDOWS\system32\catroot2
2016-01-26 13:20:23 ----D---- C:\Program Files (x86)\PMDG Operations Center
2016-01-24 22:09:21 ----D---- C:\Users\Markalous\AppData\Roaming\vlc
2016-01-21 12:49:36 ----D---- C:\ProgramData\Oracle
2016-01-21 08:36:38 ----D---- C:\Program Files (x86)\Java
2016-01-21 08:36:08 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2016-01-20 10:51:50 ----D---- C:\ProgramData\Package Cache
2016-01-14 14:02:58 ----D---- C:\WINDOWS\system32\Boot
2016-01-14 08:10:02 ----D---- C:\WINDOWS\system32\MRT
2016-01-14 08:07:49 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-13 22:09:04 ----D---- C:\WINDOWS\system32\NDF
2016-01-12 11:56:41 ----D---- C:\Users\Markalous\AppData\Roaming\Lockheed Martin
2016-01-08 19:30:17 ----D---- C:\Users\Markalous\AppData\Roaming\WildTangent
2016-01-08 19:30:17 ----D---- C:\ProgramData\WildTangent
2016-01-08 18:28:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-07 19:16:23 ----AD---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 EUBAKUP;EUBAKUP; C:\WINDOWS\system32\drivers\eubakup.sys [2015-12-10 60968]
R0 EUBKMON;EUBKMON; C:\WINDOWS\system32\drivers\EUBKMON.sys [2015-12-10 48168]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-08-10 1462720]
R0 IntelHSWPcc;IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [2015-06-26 88256]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 EUDSKACS;EUDSKACS; \??\C:\WINDOWS\system32\drivers\eudskacs.sys [2015-12-10 18472]
R1 EUFDDISK;EUFDDISK; \??\C:\WINDOWS\system32\drivers\EuFdDisk.sys [2015-12-10 192552]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2015-05-25 21816]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-10-30 112640]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-01-05 245760]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-10-30 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2015-10-30 84992]
R3 CnxtHdAudService;@oem13.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-07-09 1544280]
R3 ETD;@oem28.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-11-13 525512]
R3 HIDSwitch;@oem21.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 ibtusb;@oem5.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\system32\DRIVERS\ibtusb.sys [2015-07-13 257776]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-30 6398424]
R3 MEIx64;@oem23.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2015-07-07 184608]
R3 Netwtw02;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw02.sys [2015-09-24 7081200]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-11-07 11227280]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-12 20768]
R3 nvvad_WaveExtensible;@oem10.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-10-30 175104]
R3 rt640x64;@oem16.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RTSPER;@oem12.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2015-06-15 753368]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2016-01-05 953856]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-11-22 117248]
S3 dg_ssudbus;@oem19.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-11-11 108800]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\syswow64\epmntdrv.sys [2014-11-18 14944]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\syswow64\EuGdiDrv.sys [2014-11-18 10208]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2015-11-12 139632]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IntcDAud;@oem1.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-07-16 472872]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [2015-05-31 71168]
R2 ASUSGiftBoxDekstop;Asus GiftBox Desktop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [2015-07-20 315704]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 cgm.ebooking-1;cgm.ebooking-1; D:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [2015-12-03 27536]
R2 cgm.ecommunication-1;cgm.ecommunication-1; D:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [2015-04-27 37264]
R2 cgm.servercore;cgm.servercore; D:\CGMSERVER\bin\core\cgm.servercore.exe [2015-10-13 93072]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 CxAudMsg;Conexant Audio Message Service; C:\Windows\system32\CxAudMsg64.exe [2014-10-20 207576]
R2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11 136048]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DriverMFTService;DriverMFTService; C:\Program Files (x86)\Asus\PixelMaster Video HDR\DriverMFTService.exe [2015-05-19 20992]
R2 EaseUS Agent;EaseUS Agent Service; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2015-12-10 36904]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-11-13 144072]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2015-06-12 640928]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-12 1156384]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2015-07-13 165104]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-30 359856]
R2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-12 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-12 5568288]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-11-05 938616]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2015-06-12 157088]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 SAService;Conexant SmartAudio service; C:\WINDOWS\syswow64\SAsrv.exe [2015-04-17 427224]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-30 291768]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12 144200]
S2 HCS.MEDCONNECT.SERVICEMANAGER;HCS.MEDCONNECT.SERVICEMANAGER; D:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [2015-02-11 87952]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-22 223520]
S2 Kingsoft_WPS_UpdateService;WPS Office Update Service; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [2015-08-15 133480]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-22 415520]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_18d2f25;Hostitel synchronizace_18d2f25; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1a5e54;Hostitel synchronizace_1a5e54; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_249a04;Hostitel synchronizace_249a04; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_349f77;Hostitel synchronizace_349f77; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_42325;Hostitel synchronizace_42325; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_42b63;Hostitel synchronizace_42b63; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4a9fd;Hostitel synchronizace_4a9fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4b16d;Hostitel synchronizace_4b16d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4e03a;Hostitel synchronizace_4e03a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5b45d;Hostitel synchronizace_5b45d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5c308;Hostitel synchronizace_5c308; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_66a4c;Hostitel synchronizace_66a4c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_68ac36a;Hostitel synchronizace_68ac36a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_733358;Hostitel synchronizace_733358; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_7454d;Hostitel synchronizace_7454d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_8c5b0;Hostitel synchronizace_8c5b0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_b3ad26;Hostitel synchronizace_b3ad26; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_b550a;Hostitel synchronizace_b550a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_e0c9eb;Hostitel synchronizace_e0c9eb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-11 136048]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2016-01-03 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-12 144200]
S3 HCS.MedConnect.Service;HCS.MedConnect.Service; D:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [2015-02-11 48528]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_18d2f25;Služba zasílání zpráv_18d2f25; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1a5e54;Služba zasílání zpráv_1a5e54; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_249a04;Služba zasílání zpráv_249a04; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_349f77;Služba zasílání zpráv_349f77; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_42325;Služba zasílání zpráv_42325; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_42b63;Služba zasílání zpráv_42b63; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4a9fd;Služba zasílání zpráv_4a9fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4b16d;Služba zasílání zpráv_4b16d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4e03a;Služba zasílání zpráv_4e03a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5b45d;Služba zasílání zpráv_5b45d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5c308;Služba zasílání zpráv_5c308; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_66a4c;Služba zasílání zpráv_66a4c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_68ac36a;Služba zasílání zpráv_68ac36a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_733358;Služba zasílání zpráv_733358; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_7454d;Služba zasílání zpráv_7454d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_8c5b0;Služba zasílání zpráv_8c5b0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_b3ad26;Služba zasílání zpráv_b3ad26; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_b550a;Služba zasílání zpráv_b550a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_e0c9eb;Služba zasílání zpráv_e0c9eb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-07 146888]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2015-06-12 268192]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_18d2f25;Data kontaktů_18d2f25; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1a5e54;Data kontaktů_1a5e54; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_249a04;Data kontaktů_249a04; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_349f77;Data kontaktů_349f77; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_42325;Data kontaktů_42325; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_42b63;Data kontaktů_42b63; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4a9fd;Data kontaktů_4a9fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4b16d;Data kontaktů_4b16d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4e03a;Data kontaktů_4e03a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5b45d;Data kontaktů_5b45d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5c308;Data kontaktů_5c308; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_66a4c;Data kontaktů_66a4c; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_68ac36a;Data kontaktů_68ac36a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_733358;Data kontaktů_733358; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_7454d;Data kontaktů_7454d; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_8c5b0;Data kontaktů_8c5b0; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_b3ad26;Data kontaktů_b3ad26; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_b550a;Data kontaktů_b550a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_e0c9eb;Data kontaktů_e0c9eb; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Prevention after virus removal

#2 Post by Roli »

Hi, download AdwCleaner and save it to your desktop,

close all programs including the browser and double-click it to run it,

a window will appear; click Scan in the upper left.

When the scan finishes, click Clean,

the PC will restart and the junk will be deleted.

After that, copy the Report here for me.


Then use Mbam from my signature and post its log here after the junk has been deleted.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Gunik
Visitor
Posts: 43
Joined: 02 Jan 2014 12:14

Re: Prevention after virus removal

#3 Post by Gunik »

AdwCleaner log:
------------------------------------------------------------------------
# AdwCleaner v5.032 - Logfile created 05/02/2016 at 19:18:12
# Updated 31/01/2016 by Xplode
# Database : 2016-02-02.1 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Markalous - MARKALOUSOVO
# Running from : C:\Users\Markalous\Desktop\adwcleaner_5.032.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [671 bytes] ##########
------------------------------------------------------------------------------------------------------------------------------
MBAM log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 05.02.2016
Čas skenování: 19:23
Protokol: log.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.02.05.06
Databáze rootkitů: v2016.01.20.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Markalous

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 400924
Uplynulý čas: 9 min, 53 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Prevention after virus removal

#4 Post by Roli »

Great, uninstall Mbam and delete AdwCleaner.

And if the PC is fine, that's all from my side.

Gunik
Visitor
Posts: 43
Joined: 02 Jan 2014 12:14

Re: Prevention after virus removal

#5 Post by Gunik »

Thanks for your time, and until next time..

Roli
VIP
Posts: 13399
Joined: 26 Nov 2006 13:37
Location: Czech Republic

Re: Prevention after virus removal

#6 Post by Roli »

You're welcome, and :closed: