Zdravím Vás ve spolek Bando,
Je tomu bezmála 7 let (Poslední návštěva: pon lis 09, 2009 7:07 am),co sem musel řešit nějakou neplechu v PC,tenkrát sem dostal tvrdou školu o tom co dokáže havět z netu,inu doba pokročila a dnešní havět je sofistikovanější i přes plnou rez.ochranu antispyweary/mal a antiviry,mě regulerně dostaly.
Při surfu z čista jasna BOOM ! Spadly všechna okna a kompletně se smáznul z komplu celej mozilák firefoxuj...tomu říkám čistá práce
Po opětovné instalaci zjištěny prob.s certifikací v plném rozsahu působnosti,řekl bych. Ochrana nic nezaznamenala před tím ani potom,divné že : ) (požívám pravidelně 2x týdně eset)
Nemám představu jak moc je to problém a co vše to může spusobyt, z toho důvodu sem omezil internet banking,ale co data na HDD ? nemluvě o zaspamovaném Mailu,který mě trápí již pár měsícu.Samo že Skušeně sem nikdá žádný takový neodevřel ani v doručených ani hromadných,jen je dokola vytrvale mažu cca 5x za den.Pakliže je to možné fixnout budu rád.
Vaší práci obdivuji a moc Vám fandím,jen díky Vám sem těch 6 yáru nemusel takřka nic řešit,jen doporučovat svému okolí.
Zde Hijack
Logfile of random's system information tool 1.10 (written by random/random)
Run by Allonzo at 2016-07-18 19:32:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 308 GB (62%) free of 501 GB
Total RAM: 4050 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:32:10, on 18.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10367 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"taskhost.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {ECDB00AC-4F83-4483-AA0C-3D86E4A833A9}
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe" /Task
"C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe" --autorun
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe" /starttips
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.iobit.com/appgoto.php?&ver=3 ... db&ref=db3"
"C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe"
"C:\Microsoft Office\Office15\WINWORD.EXE" /n "C:\Users\Allonzo\Desktop\Nový Dokument aplikace Microsoft Word.docx
"C:\Users\Allonzo\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DriverToolkit Autorun.job - C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2015-07-09 682784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"Advanced SystemCare 9"=C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2016-01-11 2019616]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-06-08 5565960]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-18 18:52:40 ----D---- C:\rsit
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-18 19:32:09 ----D---- C:\Windows\Temp
2016-07-18 19:03:29 ----D---- C:\Windows\Prefetch
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-18 18:29:03 ----D---- C:\Windows\system32\Tasks
2016-07-18 18:00:34 ----D---- C:\Windows\system32\config
2016-07-18 17:59:49 ----D---- C:\Windows\System32
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 20:07:25 ----RD---- C:\Program Files (x86)
2016-07-16 20:02:25 ----HD---- C:\ProgramData
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:43:56 ----D---- C:\Windows\inf
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:37:11 ----D---- C:\Windows\winsxs
2016-07-16 19:36:37 ----D---- C:\Windows
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:52 ----D---- C:\Windows\SysWOW64
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:29:05 ----SHD---- C:\System Volume Information
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-16 00:30:51 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-07-14 09:12:41 ----D---- C:\ProgramData\ProductData
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:27 ----SHD---- C:\Windows\Installer
2016-07-13 17:49:27 ----SHD---- C:\Config.Msi
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [2016-07-18 27320]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService9;Advanced SystemCare Service 9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [2016-01-05 446240]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-06-08 2552840]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-06-07 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nefunkční Certifikáty a určitě něco navíc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Dále doporučuji odinstalovat AdvancedSystemCare. Tento čistič vidí problémy i tam, kd nejsou a laik si jím snadno může poškodit systém.Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Alonzop
- Návštěvník
- Příspěvky: 85
- Registrován: 27 črc 2006 10:54
- Bydliště: Czech Rep. - Brno
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Z prvu,dík za tvůj čas.
No je fakt že program tohoto typu,při čerstvě naformatováném HDD najde i přes 150,evidentně fiktivnich chyb,to sem se i zasmál,l:)
Co soudíte o iobitech ?
# AdwCleaner v5.201 - Log vytvořen 18/07/2016 v 20:42:04
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-18.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Allonzo - ALLONZO-PC
# Spuštěno z : C:\Users\Allonzo\Downloads\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka Smazáno : C:\Program Files (x86)\DriverToolkit
[-] Složka Smazáno : C:\Users\Allonzo\AppData\Local\DriverToolkit
***** [ Soubory ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha Smazáno : DRIVERTOOLKIT AUTORUN
***** [ Registry ] *****
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč Smazáno : HKCU\Software\Conduit
[-] Klíč Smazáno : HKCU\Software\DriverToolkit
[-] Klíč Smazáno : HKLM\SOFTWARE\Conduit
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1697 bytů] - [18/07/2016 20:42:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [1879 bytů] - [18/07/2016 20:39:03]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1843 bytů] ##########
No je fakt že program tohoto typu,při čerstvě naformatováném HDD najde i přes 150,evidentně fiktivnich chyb,to sem se i zasmál,l:)
Co soudíte o iobitech ?
# AdwCleaner v5.201 - Log vytvořen 18/07/2016 v 20:42:04
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-18.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Allonzo - ALLONZO-PC
# Spuštěno z : C:\Users\Allonzo\Downloads\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka Smazáno : C:\Program Files (x86)\DriverToolkit
[-] Složka Smazáno : C:\Users\Allonzo\AppData\Local\DriverToolkit
***** [ Soubory ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úlohy ] *****
[-] Úloha Smazáno : DRIVERTOOLKIT AUTORUN
***** [ Registry ] *****
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Klíč Smazáno : HKCU\Software\Conduit
[-] Klíč Smazáno : HKCU\Software\DriverToolkit
[-] Klíč Smazáno : HKLM\SOFTWARE\Conduit
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [1697 bytů] - [18/07/2016 20:42:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [1879 bytů] - [18/07/2016 20:39:03]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1843 bytů] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Alonzop
- Návštěvník
- Příspěvky: 85
- Registrován: 27 črc 2006 10:54
- Bydliště: Czech Rep. - Brno
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Logfile of random's system information tool 1.10 (written by random/random)
Run by Allonzo at 2016-07-18 21:16:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 312 GB (62%) free of 501 GB
Total RAM: 4050 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:16:31, on 18.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9920 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {F9967877-4615-4AEE-9B42-9FB47E8E75C4}
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe" /starttips
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="792.0.331867761\1148244228" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 792 "\\.\pipe\gecko-crash-server-pipe.792" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe" --proxy-stub-channel=Flash2496.6D9F87E0.14201 --host-broker-channel=Flash2496.6D9F87E0.12426 --host-pid=2496 --host-npapi-version=29 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe" --channel=1480.002EF324.1946032434 --proxy-stub-channel=Flash2496.6D9F87E0.14201 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll" --host-npapi-version=29 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Allonzo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-06-08 5565960]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-18 20:37:25 ----D---- C:\AdwCleaner
2016-07-18 18:52:40 ----D---- C:\rsit
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-18 21:16:30 ----D---- C:\Windows\Temp
2016-07-18 20:47:39 ----D---- C:\Windows\system32\config
2016-07-18 20:47:10 ----D---- C:\Windows\system32\Tasks
2016-07-18 20:44:18 ----D---- C:\Windows\System32
2016-07-18 20:43:44 ----D---- C:\Program Files (x86)\IObit
2016-07-18 20:42:04 ----RD---- C:\Program Files (x86)
2016-07-18 20:42:04 ----D---- C:\Windows\Tasks
2016-07-18 20:29:49 ----D---- C:\Windows\Prefetch
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 20:02:25 ----HD---- C:\ProgramData
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:43:56 ----D---- C:\Windows\inf
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:37:11 ----D---- C:\Windows\winsxs
2016-07-16 19:36:37 ----D---- C:\Windows
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:52 ----D---- C:\Windows\SysWOW64
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:29:05 ----SHD---- C:\System Volume Information
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-16 00:30:51 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-07-14 09:12:41 ----D---- C:\ProgramData\ProductData
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:27 ----SHD---- C:\Windows\Installer
2016-07-13 17:49:27 ----SHD---- C:\Config.Msi
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [2016-07-18 27320]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-06-08 2552840]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-06-07 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Run by Allonzo at 2016-07-18 21:16:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 312 GB (62%) free of 501 GB
Total RAM: 4050 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:16:31, on 18.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9920 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
taskeng.exe {F9967877-4615-4AEE-9B42-9FB47E8E75C4}
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe" /starttips
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="792.0.331867761\1148244228" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 792 "\\.\pipe\gecko-crash-server-pipe.792" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe" --proxy-stub-channel=Flash2496.6D9F87E0.14201 --host-broker-channel=Flash2496.6D9F87E0.12426 --host-pid=2496 --host-npapi-version=29 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_22_0_0_209.exe" --channel=1480.002EF324.1946032434 --proxy-stub-channel=Flash2496.6D9F87E0.14201 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll" --host-npapi-version=29 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Allonzo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-06-08 5565960]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-18 20:37:25 ----D---- C:\AdwCleaner
2016-07-18 18:52:40 ----D---- C:\rsit
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-18 21:16:30 ----D---- C:\Windows\Temp
2016-07-18 20:47:39 ----D---- C:\Windows\system32\config
2016-07-18 20:47:10 ----D---- C:\Windows\system32\Tasks
2016-07-18 20:44:18 ----D---- C:\Windows\System32
2016-07-18 20:43:44 ----D---- C:\Program Files (x86)\IObit
2016-07-18 20:42:04 ----RD---- C:\Program Files (x86)
2016-07-18 20:42:04 ----D---- C:\Windows\Tasks
2016-07-18 20:29:49 ----D---- C:\Windows\Prefetch
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 20:02:25 ----HD---- C:\ProgramData
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:43:56 ----D---- C:\Windows\inf
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:37:11 ----D---- C:\Windows\winsxs
2016-07-16 19:36:37 ----D---- C:\Windows
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:52 ----D---- C:\Windows\SysWOW64
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:29:05 ----SHD---- C:\System Volume Information
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-16 00:30:51 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-07-14 09:12:41 ----D---- C:\ProgramData\ProductData
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:27 ----SHD---- C:\Windows\Installer
2016-07-13 17:49:27 ----SHD---- C:\Config.Msi
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [2016-07-18 27320]
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-06-08 2552840]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-06-07 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
:services
Bonjour Service
:commands
[Purity]
[Emptytemp]
[Emptyflash]
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Alonzop
- Návštěvník
- Příspěvky: 85
- Registrován: 27 črc 2006 10:54
- Bydliště: Czech Rep. - Brno
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
All processes killed
========== SERVICES/DRIVERS ==========
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
User: All Users
User: Allonzo
->Temp folder emptied: 90588686 bytes
->Temporary Internet Files folder emptied: 23837837 bytes
->FireFox cache emptied: 378712062 bytes
->Flash cache emptied: 2439 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
User: HomeGroupUser$
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7857839 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 37896 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 58469684 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 534,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Allonzo
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Guest
User: HomeGroupUser$
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 07182016_221527
Files moved on Reboot...
C:\Users\Allonzo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Allonzo\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Allonzo at 2016-07-18 22:21:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 313 GB (63%) free of 501 GB
Total RAM: 4050 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:52, on 18.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9631 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
taskeng.exe {DA9C0B64-6640-42C6-8EF8-B540A53648CA}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {5A8AFDDC-DFDE-4E24-91F5-C96A8F66FB9E}
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Allonzo\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-06-08 5565960]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-18 22:15:27 ----D---- C:\_OTM
2016-07-18 20:37:25 ----D---- C:\AdwCleaner
2016-07-18 18:52:40 ----D---- C:\rsit
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-18 22:21:52 ----D---- C:\Windows\Temp
2016-07-18 22:20:46 ----D---- C:\Windows\system32\Tasks
2016-07-18 22:17:55 ----D---- C:\Windows\System32
2016-07-18 22:16:40 ----D---- C:\Windows\system32\config
2016-07-18 22:16:23 ----D---- C:\Windows
2016-07-18 20:43:44 ----D---- C:\Program Files (x86)\IObit
2016-07-18 20:42:04 ----RD---- C:\Program Files (x86)
2016-07-18 20:42:04 ----D---- C:\Windows\Tasks
2016-07-18 20:29:49 ----D---- C:\Windows\Prefetch
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 20:02:25 ----HD---- C:\ProgramData
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:43:56 ----D---- C:\Windows\inf
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:37:11 ----D---- C:\Windows\winsxs
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:52 ----D---- C:\Windows\SysWOW64
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:29:05 ----SHD---- C:\System Volume Information
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-16 00:30:51 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-07-14 09:12:41 ----D---- C:\ProgramData\ProductData
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:27 ----SHD---- C:\Windows\Installer
2016-07-13 17:49:27 ----SHD---- C:\Config.Msi
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys []
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-06-08 2552840]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-06-07 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
========== SERVICES/DRIVERS ==========
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
User: All Users
User: Allonzo
->Temp folder emptied: 90588686 bytes
->Temporary Internet Files folder emptied: 23837837 bytes
->FireFox cache emptied: 378712062 bytes
->Flash cache emptied: 2439 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
User: HomeGroupUser$
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7857839 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 37896 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 58469684 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 534,00 mb
[EMPTYFLASH]
User: Administrator
User: All Users
User: Allonzo
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Guest
User: HomeGroupUser$
User: Public
Total Flash Files Cleaned = 0,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 07182016_221527
Files moved on Reboot...
C:\Users\Allonzo\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Allonzo\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
Registry entries deleted on Reboot...
Logfile of random's system information tool 1.10 (written by random/random)
Run by Allonzo at 2016-07-18 22:21:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 313 GB (63%) free of 501 GB
Total RAM: 4050 MB (55% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:21:52, on 18.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9631 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
taskeng.exe {DA9C0B64-6640-42C6-8EF8-B540A53648CA}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\svchost.exe -k utcsvc
taskeng.exe {5A8AFDDC-DFDE-4E24-91F5-C96A8F66FB9E}
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Allonzo\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-06-08 5565960]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-18 22:15:27 ----D---- C:\_OTM
2016-07-18 20:37:25 ----D---- C:\AdwCleaner
2016-07-18 18:52:40 ----D---- C:\rsit
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-18 22:21:52 ----D---- C:\Windows\Temp
2016-07-18 22:20:46 ----D---- C:\Windows\system32\Tasks
2016-07-18 22:17:55 ----D---- C:\Windows\System32
2016-07-18 22:16:40 ----D---- C:\Windows\system32\config
2016-07-18 22:16:23 ----D---- C:\Windows
2016-07-18 20:43:44 ----D---- C:\Program Files (x86)\IObit
2016-07-18 20:42:04 ----RD---- C:\Program Files (x86)
2016-07-18 20:42:04 ----D---- C:\Windows\Tasks
2016-07-18 20:29:49 ----D---- C:\Windows\Prefetch
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 20:02:25 ----HD---- C:\ProgramData
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:43:56 ----D---- C:\Windows\inf
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:37:11 ----D---- C:\Windows\winsxs
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:52 ----D---- C:\Windows\SysWOW64
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:29:05 ----SHD---- C:\System Volume Information
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-16 00:30:51 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-07-14 09:12:41 ----D---- C:\ProgramData\ProductData
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:27 ----SHD---- C:\Windows\Installer
2016-07-13 17:49:27 ----SHD---- C:\Config.Msi
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys []
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2016-06-08 2552840]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-06-07 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Alonzop
- Návštěvník
- Příspěvky: 85
- Registrován: 27 črc 2006 10:54
- Bydliště: Czech Rep. - Brno
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Brej večír,
Clean up,restart také,ale teda skusil sem náhodně spustit stránku :
"Vaše připojení není zabezpečené
Majitel serveru mapy.cz nakonfiguroval své webové stránky nesprávně. Abychom chránili vaše informace před odcizením, Firefox se k této webové stránce nepřipojil.
Zjistit více…
Hlásit chyby jako je tato a pomoci tak organizaci Mozilla identifikovat chybně nastavené servery"
Nevím tedy zda li je tam mám nakonfigurovat,nebo by to psát dále nemělo ?
Pro info jack :
Logfile of random's system information tool 1.10 (written by random/random)
Run by Allonzo at 2016-07-19 22:10:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 318 GB (63%) free of 501 GB
Total RAM: 4050 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:52, on 19.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9639 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
taskeng.exe {92288DE5-2213-42F0-99A7-D3005AB7076F}
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --ipc-timeout 30
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" -c "C:\Users\Allonzo\AppData\Local\LogMeIn Hamachi"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Allonzo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-18 5565960]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-19 22:10:51 ----D---- C:\rsit
2016-07-19 21:44:54 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-07-18 20:37:25 ----D---- C:\AdwCleaner
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-19 22:10:52 ----D---- C:\Windows\Prefetch
2016-07-19 22:10:51 ----D---- C:\Windows\Temp
2016-07-19 21:47:47 ----D---- C:\Windows\system32\config
2016-07-19 21:46:53 ----D---- C:\Windows\system32\Tasks
2016-07-19 21:45:29 ----SHD---- C:\Windows\Installer
2016-07-19 21:45:29 ----SHD---- C:\Config.Msi
2016-07-19 21:44:54 ----RD---- C:\Program Files (x86)
2016-07-19 21:43:42 ----D---- C:\Windows\System32
2016-07-19 15:13:22 ----SHD---- C:\System Volume Information
2016-07-18 22:16:23 ----D---- C:\Windows
2016-07-18 20:43:44 ----D---- C:\Program Files (x86)\IObit
2016-07-18 20:42:04 ----D---- C:\Windows\Tasks
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 20:02:25 ----HD---- C:\ProgramData
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:43:56 ----D---- C:\Windows\inf
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:37:11 ----D---- C:\Windows\winsxs
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:52 ----D---- C:\Windows\SysWOW64
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-16 00:30:51 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-07-14 09:12:41 ----D---- C:\ProgramData\ProductData
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys []
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-18 2554376]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-06 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Clean up,restart také,ale teda skusil sem náhodně spustit stránku :
"Vaše připojení není zabezpečené
Majitel serveru mapy.cz nakonfiguroval své webové stránky nesprávně. Abychom chránili vaše informace před odcizením, Firefox se k této webové stránce nepřipojil.
Zjistit více…
Hlásit chyby jako je tato a pomoci tak organizaci Mozilla identifikovat chybně nastavené servery"
Nevím tedy zda li je tam mám nakonfigurovat,nebo by to psát dále nemělo ?
Pro info jack :
Logfile of random's system information tool 1.10 (written by random/random)
Run by Allonzo at 2016-07-19 22:10:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 318 GB (63%) free of 501 GB
Total RAM: 4050 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:52, on 19.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9639 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
taskeng.exe {92288DE5-2213-42F0-99A7-D3005AB7076F}
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe" -s
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --ipc-timeout 30
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" -c "C:\Users\Allonzo\AppData\Local\LogMeIn Hamachi"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Allonzo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
prefs.js - "browser.startup.homepage" - "seznam.cz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-18 5565960]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-19 22:10:51 ----D---- C:\rsit
2016-07-19 21:44:54 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-07-18 20:37:25 ----D---- C:\AdwCleaner
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-19 22:10:52 ----D---- C:\Windows\Prefetch
2016-07-19 22:10:51 ----D---- C:\Windows\Temp
2016-07-19 21:47:47 ----D---- C:\Windows\system32\config
2016-07-19 21:46:53 ----D---- C:\Windows\system32\Tasks
2016-07-19 21:45:29 ----SHD---- C:\Windows\Installer
2016-07-19 21:45:29 ----SHD---- C:\Config.Msi
2016-07-19 21:44:54 ----RD---- C:\Program Files (x86)
2016-07-19 21:43:42 ----D---- C:\Windows\System32
2016-07-19 15:13:22 ----SHD---- C:\System Volume Information
2016-07-18 22:16:23 ----D---- C:\Windows
2016-07-18 20:43:44 ----D---- C:\Program Files (x86)\IObit
2016-07-18 20:42:04 ----D---- C:\Windows\Tasks
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 20:02:25 ----HD---- C:\ProgramData
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:43:56 ----D---- C:\Windows\inf
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:37:11 ----D---- C:\Windows\winsxs
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:52 ----D---- C:\Windows\SysWOW64
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-16 00:30:51 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-07-14 09:12:41 ----D---- C:\ProgramData\ProductData
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys []
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-18 2554376]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-06 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Zkuste ještě tyto skeny:
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1. Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: http://thisisudax.org/downloads/JRT.exe
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Alonzop
- Návštěvník
- Příspěvky: 85
- Registrován: 27 črc 2006 10:54
- Bydliště: Czech Rep. - Brno
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Zoek :
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Allonzo on Łt 19.07.2016 at 22:52:01,98.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Allonzo\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
19.7.2016 22:53:31 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\Allonzo\AppData\Roaming\KASTNER software deleted successfully
C:\Users\Allonzo\AppData\Roaming\Opera Software deleted successfully
C:\Users\Allonzo\AppData\Local\Adobe deleted successfully
C:\Users\Allonzo\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Allonzo\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Allonzo\AppData\Local\EmieSiteList deleted successfully
C:\Users\Allonzo\AppData\Local\EmieUserList deleted successfully
C:\Users\Allonzo\AppData\Local\Opera Software deleted successfully
C:\Users\Allonzo\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3000996383-4029385324-4234381707-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");
user_pref("browser.search.defaultenginename", "Google");
Added to C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
---- Lines MUB-SAE removed from prefs.js ----
user_pref("extensions.MUB-SAE.dsConsent", "yes");
user_pref("extensions.MUB-SAE.language", "en-US");
user_pref("extensions.MUB-SAE.newtabUrl", "chrome://MUB-SAE/content/unpackedcrx/newtab/newtab.html");
user_pref("extensions.MUB-SAE.ntConsent", "yes");
user_pref("extensions.saeListDS", "[\"Ask Search\",\"MUB-SAE@iacsearchandmedia.com\"]");
user_pref("extensions.saeListNT", "[\"BrowserOpenNewTabOrWindow(event);\",\"MUB-SAE@iacsearchandmedia.com\"]");
---- FireFox user.js and prefs.js backups ----
user_20.07.2016_0130_.backup
prefs_20.07.2016_0130_.backup
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_20.07.2016_0130_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\Users\Allonzo\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default\searchplugins\ask-search.xml deleted
"C:\Users\Allonzo\AppData\Roaming\vlc\vlcrc" deleted
"C:\Users\Allonzo\AppData\Roaming\vlc" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
Profilepath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
62D98B286C805E193568037B70D936D2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll - Shockwave Flash
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Allonzo\AppData\Local\Google\Chrome deleted
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Allonzo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Allonzo\AppData\Local\Mozilla\Firefox\Profiles\mk3h7xsi.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome Cache found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=43 folders=35 28214487 bytes)
==== Empty Temp Folders ======================
C:\Users\Allonzo\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Allonzo\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on st 20.07.2016 at 6:03:24,78 ======================
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Allonzo on Łt 19.07.2016 at 22:52:01,98.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Allonzo\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
19.7.2016 22:53:31 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\Allonzo\AppData\Roaming\KASTNER software deleted successfully
C:\Users\Allonzo\AppData\Roaming\Opera Software deleted successfully
C:\Users\Allonzo\AppData\Local\Adobe deleted successfully
C:\Users\Allonzo\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Allonzo\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Allonzo\AppData\Local\EmieSiteList deleted successfully
C:\Users\Allonzo\AppData\Local\EmieUserList deleted successfully
C:\Users\Allonzo\AppData\Local\Opera Software deleted successfully
C:\Users\Allonzo\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3000996383-4029385324-4234381707-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");
user_pref("browser.search.defaultenginename", "Google");
Added to C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
---- Lines MUB-SAE removed from prefs.js ----
user_pref("extensions.MUB-SAE.dsConsent", "yes");
user_pref("extensions.MUB-SAE.language", "en-US");
user_pref("extensions.MUB-SAE.newtabUrl", "chrome://MUB-SAE/content/unpackedcrx/newtab/newtab.html");
user_pref("extensions.MUB-SAE.ntConsent", "yes");
user_pref("extensions.saeListDS", "[\"Ask Search\",\"MUB-SAE@iacsearchandmedia.com\"]");
user_pref("extensions.saeListNT", "[\"BrowserOpenNewTabOrWindow(event);\",\"MUB-SAE@iacsearchandmedia.com\"]");
---- FireFox user.js and prefs.js backups ----
user_20.07.2016_0130_.backup
prefs_20.07.2016_0130_.backup
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_20.07.2016_0130_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\Users\Allonzo\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default\searchplugins\ask-search.xml deleted
"C:\Users\Allonzo\AppData\Roaming\vlc\vlcrc" deleted
"C:\Users\Allonzo\AppData\Roaming\vlc" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
Profilepath: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\mk3h7xsi.default
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
62D98B286C805E193568037B70D936D2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll - Shockwave Flash
==== Fake Chromium Profiles Check ======================
Fake profile C:\Users\Allonzo\AppData\Local\Google\Chrome deleted
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
==== Reset Google Chrome ======================
Nothing found to reset
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Allonzo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Allonzo\AppData\Local\Mozilla\Firefox\Profiles\mk3h7xsi.default\cache2 emptied successfully
==== Empty Chrome Cache ======================
No Chrome Cache found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=43 folders=35 28214487 bytes)
==== Empty Temp Folders ======================
C:\Users\Allonzo\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Allonzo\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on st 20.07.2016 at 6:03:24,78 ======================
-
Alonzop
- Návštěvník
- Příspěvky: 85
- Registrován: 27 črc 2006 10:54
- Bydliště: Czech Rep. - Brno
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
JunkWare :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64
Ran by Allonzo (Administrator) on st 20.07.2016 at 6:19:26,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 11
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Allonzo\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default\user.js (File)
Successfully deleted: C:\Users\Allonzo\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (Allonzo) (Task)
Successfully deleted: C:\Windows\system32\Tasks\SmartDefrag_Startup (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Allonzo (Task)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-9033297F.pf (File)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 20.07.2016 at 6:20:58,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64
Ran by Allonzo (Administrator) on st 20.07.2016 at 6:19:26,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 11
Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Allonzo\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default\user.js (File)
Successfully deleted: C:\Users\Allonzo\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (Allonzo) (Task)
Successfully deleted: C:\Windows\system32\Tasks\SmartDefrag_Startup (Task)
Successfully deleted: C:\Windows\system32\Tasks\Uninstaller_SkipUac_Allonzo (Task)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)
Successfully deleted: C:\Windows\prefetch\DRIVERBOOSTER.EXE-9033297F.pf (File)
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 20.07.2016 at 6:20:58,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Alonzop
- Návštěvník
- Příspěvky: 85
- Registrován: 27 črc 2006 10:54
- Bydliště: Czech Rep. - Brno
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
I po těchto krocích,náhodná stránka,stejný problém s certifikací.
Rozhodopádně,patrné změny v pc,dokonce i Firefox se překopal po použití zoeka a jrt.
Někde je zakopaná fenička
Info Jack :
Logfile of random's system information tool 1.10 (written by random/random)
Run by Allonzo at 2016-07-20 17:45:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 316 GB (63%) free of 501 GB
Total RAM: 4050 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:45:07, on 20.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9550 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --ipc-timeout 30
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe" /starttips
taskeng.exe {389E7CCA-4E55-41D2-9428-32477F109325}
C:\Windows\system32\sppsvc.exe
"C:\Users\Allonzo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-20 5565960]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-20 17:34:39 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-07-20 17:33:43 ----D---- C:\Users\Allonzo\AppData\Roaming\ProductData
2016-07-20 17:32:16 ----D---- C:\ProgramData\ProductData
2016-07-20 06:03:33 ----SHD---- C:\$RECYCLE.BIN
2016-07-20 04:32:29 ----A---- C:\Windows\zoek-delete.exe
2016-07-20 04:32:18 ----D---- C:\Windows\Temp
2016-07-19 22:51:54 ----D---- C:\zoek_backup
2016-07-19 22:10:51 ----D---- C:\rsit
2016-07-18 20:37:25 ----D---- C:\AdwCleaner
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-20 17:37:00 ----D---- C:\Windows\system32\Tasks
2016-07-20 17:35:32 ----SHD---- C:\Windows\Installer
2016-07-20 17:35:32 ----SHD---- C:\Config.Msi
2016-07-20 17:34:51 ----D---- C:\Windows\system32\config
2016-07-20 17:34:39 ----RD---- C:\Program Files (x86)
2016-07-20 17:33:27 ----D---- C:\Windows\Prefetch
2016-07-20 17:32:46 ----D---- C:\Windows\System32
2016-07-20 17:32:16 ----HD---- C:\ProgramData
2016-07-20 06:39:46 ----D---- C:\Windows\winsxs
2016-07-20 06:39:45 ----SD---- C:\Windows\SYSWOW64\GWX
2016-07-20 06:39:45 ----SD---- C:\Windows\system32\GWX
2016-07-20 06:39:40 ----SHD---- C:\System Volume Information
2016-07-20 06:20:10 ----D---- C:\ProgramData\IObit
2016-07-20 06:20:08 ----D---- C:\Users\Allonzo\AppData\Roaming\IObit
2016-07-20 06:20:04 ----D---- C:\Program Files (x86)\IObit
2016-07-20 06:03:20 ----D---- C:\Windows\inf
2016-07-20 06:02:58 ----D---- C:\Windows
2016-07-19 22:55:06 ----D---- C:\Windows\system32\drivers\etc
2016-07-19 22:51:57 ----D---- C:\Windows\SysWOW64
2016-07-18 20:42:04 ----D---- C:\Windows\Tasks
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys []
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-20 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-20 2554376]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Rozhodopádně,patrné změny v pc,dokonce i Firefox se překopal po použití zoeka a jrt.
Někde je zakopaná fenička
Info Jack :
Logfile of random's system information tool 1.10 (written by random/random)
Run by Allonzo at 2016-07-20 17:45:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 316 GB (63%) free of 501 GB
Total RAM: 4050 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:45:07, on 20.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Allonzo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9550 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
atieclxx
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --ipc-timeout 30
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe" /starttips
taskeng.exe {389E7CCA-4E55-41D2-9428-32477F109325}
C:\Windows\system32\sppsvc.exe
"C:\Users\Allonzo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\Allonzo\AppData\Roaming\Mozilla\Firefox\Profiles\d44mdk0m.default
prefs.js - "browser.startup.homepage" - "about:home"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12 2472224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Microsoft Office\Office15\OCHelper.dll [2016-06-14 229072]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\MICROS~1\Office15\GROOVEEX.DLL [2016-06-14 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14 163528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2016-06-14 1741104]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-04-20 8849152]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"DAEMON Tools Lite Automount"=C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [2016-01-15 4177784]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-27 767176]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2015-12-17 60688]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2016-06-28 5976864]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2016-07-20 5565960]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-20 17:34:39 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2016-07-20 17:33:43 ----D---- C:\Users\Allonzo\AppData\Roaming\ProductData
2016-07-20 17:32:16 ----D---- C:\ProgramData\ProductData
2016-07-20 06:03:33 ----SHD---- C:\$RECYCLE.BIN
2016-07-20 04:32:29 ----A---- C:\Windows\zoek-delete.exe
2016-07-20 04:32:18 ----D---- C:\Windows\Temp
2016-07-19 22:51:54 ----D---- C:\zoek_backup
2016-07-19 22:10:51 ----D---- C:\rsit
2016-07-18 20:37:25 ----D---- C:\AdwCleaner
2016-07-18 18:52:40 ----D---- C:\Program Files\trend micro
2016-07-16 20:07:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups2.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wups.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wudriver.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuaueng.dll
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wuauclt.exe
2016-07-16 16:31:36 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuwebv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wucltux.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapp.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\wuapi.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspisrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\sspicli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srcore.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\srclient.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\schannel.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\secur32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\rstrui.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msobjs.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\msaudite.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsass.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\lsasrv.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-07-16 16:31:35 ----A---- C:\Windows\system32\certcli.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\authui.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\auditpol.exe
2016-07-16 16:31:35 ----A---- C:\Windows\system32\advapi32.dll
2016-07-16 16:31:35 ----A---- C:\Windows\system32\adtschema.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\winsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\TSpkg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\oleaut32.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msimsg.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msihnd.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msiexec.exe
2016-07-16 16:31:34 ----A---- C:\Windows\system32\msi.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\KernelBase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\kerberos.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-07-16 16:31:34 ----A---- C:\Windows\system32\csrsrv.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\cryptbase.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\credssp.dll
2016-07-16 16:31:34 ----A---- C:\Windows\system32\asycfilt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64win.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64cpu.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wow64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\wdigest.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\smss.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpchttp.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\rpcrt4.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntvdm64.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ntdll.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\ncrypt.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\msv1_0.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\kernel32.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\drivers\appid.sys
2016-07-16 16:31:33 ----A---- C:\Windows\system32\consent.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\conhost.exe
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appinfo.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidsvc.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\appidapi.dll
2016-07-16 16:31:33 ----A---- C:\Windows\system32\apisetschema.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\olepro32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-07-16 16:31:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-07-16 16:31:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-07-16 16:31:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-07-16 16:31:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-07-16 15:03:28 ----D---- C:\ProgramData\BDLogging
2016-07-16 15:03:27 ----A---- C:\Windows\system32\drivers\trufos.sys
2016-07-14 08:16:23 ----D---- C:\ProgramData\Bohemia Interactive
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\iernonce.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-07-13 16:20:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-07-13 16:20:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\inseng.dll
2016-07-13 16:20:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-07-13 16:20:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-07-13 16:20:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-07-13 16:20:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\urlmon.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\occache.dll
2016-07-13 16:20:31 ----A---- C:\Windows\system32\iedkcs32.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-07-13 16:20:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-13 16:20:30 ----A---- C:\Windows\system32\msfeeds.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-07-13 16:20:30 ----A---- C:\Windows\system32\dxtrans.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\iesetup.dll
2016-07-13 16:20:29 ----A---- C:\Windows\system32\ieapfltr.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-07-13 16:20:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-07-13 16:20:28 ----A---- C:\Windows\system32\iertutil.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-07-13 16:20:27 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-07-13 16:20:27 ----A---- C:\Windows\system32\vbscript.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieui.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\ieframe.dll
2016-07-13 16:20:26 ----A---- C:\Windows\system32\dxtmsft.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\webcheck.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\mshtmled.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9diag.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript9.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\jscript.dll
2016-07-13 16:20:25 ----A---- C:\Windows\system32\ieUnatt.exe
2016-07-13 16:20:24 ----A---- C:\Windows\system32\wininet.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\msrating.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-07-13 16:20:24 ----A---- C:\Windows\system32\jsproxy.dll
2016-07-13 16:20:23 ----A---- C:\Windows\system32\mshtml.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\SYSWOW64\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\wpnpinst.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\win32spl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.exe
2016-07-13 16:19:38 ----A---- C:\Windows\system32\ntprint.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\localspl.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetppui.dll
2016-07-13 16:19:38 ----A---- C:\Windows\system32\inetpp.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\invagent.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\generaltel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\devinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-07-13 16:19:35 ----A---- C:\Windows\system32\centel.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\appraiser.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aepic.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\aeinv.dll
2016-07-13 16:19:35 ----A---- C:\Windows\system32\acmigration.dll
2016-07-13 16:19:34 ----A---- C:\Windows\system32\win32k.sys
2016-07-10 09:55:05 ----D---- C:\Program Files (x86)\Sid Meiers Civilization - Beyond Earth
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RtNicProp64.dll
2016-07-06 14:53:30 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2016-07-06 14:50:18 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantleaxl64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\mantle64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\hsa-thunk64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\GameManager64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\dgtrayicon.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\clinfo.exe
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_stn_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\ativvaxy_el_nd.dat
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd6a.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiumd64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiu9p64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atitmm64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atisamu64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2016-07-06 14:50:17 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atio6axx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimuixx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atimpc64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiglpxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6txx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atig6pxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieah64.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidemgy.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalrt64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticaldd64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticalcl64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiapfxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\amdpcom64.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\OpenCL.dll
2016-07-06 14:50:16 ----A---- C:\Windows\system32\amdvlk64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl64.dll
2016-07-06 14:50:15 ----A---- C:\Windows\system32\amdocl12cl64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmmcl6.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdmantle64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdlvr64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdicdxx.dat
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdhcp64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2016-07-06 14:50:14 ----A---- C:\Windows\system32\amdave64.dll
2016-06-28 18:20:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-27 15:27:15 ----A---- C:\Windows\system32\coinst_16.20.dll
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_FJ.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\ativce03.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34b.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde34a.dat
2016-06-27 15:27:07 ----A---- C:\Windows\system32\amde31a.dat
2016-06-27 15:25:41 ----A---- C:\Windows\system32\drivers\AtihdW76.sys
2016-06-27 15:25:41 ----A---- C:\Windows\system32\DelayAPO.dll
======List of files/folders modified in the last 1 month======
2016-07-20 17:37:00 ----D---- C:\Windows\system32\Tasks
2016-07-20 17:35:32 ----SHD---- C:\Windows\Installer
2016-07-20 17:35:32 ----SHD---- C:\Config.Msi
2016-07-20 17:34:51 ----D---- C:\Windows\system32\config
2016-07-20 17:34:39 ----RD---- C:\Program Files (x86)
2016-07-20 17:33:27 ----D---- C:\Windows\Prefetch
2016-07-20 17:32:46 ----D---- C:\Windows\System32
2016-07-20 17:32:16 ----HD---- C:\ProgramData
2016-07-20 06:39:46 ----D---- C:\Windows\winsxs
2016-07-20 06:39:45 ----SD---- C:\Windows\SYSWOW64\GWX
2016-07-20 06:39:45 ----SD---- C:\Windows\system32\GWX
2016-07-20 06:39:40 ----SHD---- C:\System Volume Information
2016-07-20 06:20:10 ----D---- C:\ProgramData\IObit
2016-07-20 06:20:08 ----D---- C:\Users\Allonzo\AppData\Roaming\IObit
2016-07-20 06:20:04 ----D---- C:\Program Files (x86)\IObit
2016-07-20 06:03:20 ----D---- C:\Windows\inf
2016-07-20 06:02:58 ----D---- C:\Windows
2016-07-19 22:55:06 ----D---- C:\Windows\system32\drivers\etc
2016-07-19 22:51:57 ----D---- C:\Windows\SysWOW64
2016-07-18 20:42:04 ----D---- C:\Windows\Tasks
2016-07-18 18:52:40 ----RD---- C:\Program Files
2016-07-17 06:07:53 ----D---- C:\Windows\system32\wdi
2016-07-17 05:39:49 ----D---- C:\Windows\rescache
2016-07-16 19:44:31 ----D---- C:\Windows\SoftwareDistribution
2016-07-16 19:43:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-16 19:40:56 ----D---- C:\Windows\system32\catroot2
2016-07-16 19:36:28 ----D---- C:\Windows\debug
2016-07-16 19:34:52 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\en-US
2016-07-16 19:34:51 ----D---- C:\Windows\system32\drivers
2016-07-16 19:34:51 ----D---- C:\Windows\system32\cs-CZ
2016-07-16 19:34:51 ----D---- C:\Windows\system32\Boot
2016-07-16 19:34:51 ----D---- C:\Windows\AppPatch
2016-07-16 19:34:37 ----D---- C:\uTorrent
2016-07-16 19:22:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-16 19:22:25 ----D---- C:\Windows\system32\Macromed
2016-07-16 19:22:20 ----D---- C:\Windows\SYSWOW64\Macromed
2016-07-16 16:28:13 ----HD---- C:\Users\Allonzo\AppData\Roaming\DAEMON Tools Lite
2016-07-13 19:40:52 ----D---- C:\Windows\Microsoft.NET
2016-07-13 19:39:45 ----RSD---- C:\Windows\assembly
2016-07-13 17:55:30 ----D---- C:\Program Files\Internet Explorer
2016-07-13 17:55:29 ----D---- C:\Windows\SYSWOW64\en-US
2016-07-13 17:55:28 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-13 17:55:26 ----D---- C:\Program Files\Windows Journal
2016-07-13 17:55:25 ----D---- C:\Windows\system32\appraiser
2016-07-13 17:49:01 ----D---- C:\ProgramData\Microsoft Help
2016-07-13 17:48:08 ----D---- C:\Windows\system32\MRT
2016-07-13 17:43:13 ----A---- C:\Windows\system32\MRT.exe
2016-07-13 17:41:54 ----A---- C:\Windows\win.ini
2016-07-11 17:54:08 ----D---- C:\Windows\system32\NDF
2016-07-10 10:09:54 ----D---- C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2016-07-06 14:55:07 ----D---- C:\Windows\system32\catroot
2016-07-06 14:54:26 ----D---- C:\Windows\system32\DriverStore
2016-07-06 14:53:30 ----A---- C:\Windows\system32\RTNUninst64.dll
2016-07-06 14:50:18 ----A---- C:\Windows\system32\atiuxp64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atiesrxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atieclxx.exe
2016-07-06 14:50:17 ----A---- C:\Windows\system32\atidxx64.dll
2016-07-06 14:50:17 ----A---- C:\Windows\system32\aticfx64.dll
2016-06-23 18:37:25 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 18:37:24 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-21 12:13:24 ----N---- C:\Windows\system32\MpSigStub.exe
2016-06-21 06:28:00 ----SD---- C:\Users\Allonzo\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-07-13 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-07-13 43720]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-18 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-12-24 186784]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-07-13 26528]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-03-18 170792]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-06 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-06 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-27 96256]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-01-31 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-01-31 47672]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2015-03-30 33856]
R3 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-04-01 22208]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-04-20 4803840]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-01-11 34848]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2016-07-06 1030400]
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\TRUFOS.sys [2016-03-31 452040]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 cpuz138;cpuz138; \??\C:\Users\Allonzo\AppData\Local\Temp\cpuz138\cpuz138_x64.sys []
S3 DFX11_1;DFX Audio Enhancer 11.1; C:\Windows\system32\drivers\dfx11_1x64.sys [2012-12-13 28008]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 gkernel;gkernel; \??\C:\Users\Allonzo\AppData\Local\Temp\gkernel.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-06 306688]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2015-07-27 344064]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 60720]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-12 2520928]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2016-06-13 1597728]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-07-20 419248]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [2016-01-15 1369464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2016-07-20 2554376]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2013-08-21 516608]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-16 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-10 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-24 146888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-09 1450064]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-07-13 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
V kterém prohlížeči máte ten problém?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Alonzop
- Návštěvník
- Příspěvky: 85
- Registrován: 27 črc 2006 10:54
- Bydliště: Czech Rep. - Brno
- Kontaktovat uživatele:
Re: Nefunkční Certifikáty a určitě něco navíc
Mozila Firefox / w7 /64.
Naposledy upravil(a) Alonzop dne 21 črc 2016 17:48, celkem upraveno 1 x.
Přispějete na provoz fóra?