
PC virus removal, computer speed-up, and remote help through the neslape.cz service
Log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote help services, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Good evening, I would like to ask for a log check.
Since today I have had a problem where Google sites (i.e. YouTube, Gmail) do not work in Chrome or in Mozilla; Google itself works.
In Chrome it shows a message like this: "Tento web nedokáže poskytnúť zabezpečené pripojenie. Web www.youtube.com neakceptoval váš prihlasovací certifikát alebo platnosť certifikátu vypršala.
Skúste kontaktovať správcu systému.
ERR_BAD_SSL_CLIENT_AUTH_CERT"
In Mozilla it shows a message like this: "Pri pripájaní k www.youtube.com sa vyskytla chyba. Partner protokolu SSL nemôže overiť váš certifikát. Kód chyby: SSL_ERROR_BAD_CERT_ALERT"
Logfile of random's system information tool 1.10 (written by random/random)
Run by Skuuteer at 2016-09-20 20:03:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 17 GB (15%) free of 114 GB
Total RAM: 3886 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:03:15, on 20. 9. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Skuuteer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GibbsRLMServer - Reprise Software Inc. - C:\Program Files\Gibbs\RLMServer\rlm.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11472 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Gibbs\RLMServer\rlm.exe" "-c" "C:\Program Files\Gibbs\RLMServer\." "-dlog" "C:\Program Files\Gibbs\RLMServer\GibbsRLMServer.log" -service
C:\Windows\system32\hasplms.exe -run
"gibbsnet.exe" -s 488 -p "C:\Program Files\Gibbs\RLMServer" -dlog "C:\Program Files\Gibbs\RLMServer\GibbsRLMServer.log" (null) (null) (null) (null)
\??\C:\Windows\system32\conhost.exe "-21466797521164279171811495344-184185774128020979-1231542958-21281120971984625352
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-787768098-601419458-127421440128828351211378416-68874843417354798821185361676
taskeng.exe {BF98452F-4638-4D6D-944B-040E4531DCE1}
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"taskhost.exe"
"C:\Program Files\P4G\BatteryLife.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" "-cachedir=C:\Users\Skuuteer\AppData\Local\Steam\htmlcache" "-steampid=5588" "-buildid=1471977975" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-gpu-compositing --channel="180.0.54502840\931696331" --font-cache-shared-handle=1208 /prefetch:1
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-gpu-compositing --channel="180.2.1946859828\810992633" --font-cache-shared-handle=2060 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Skuuteer\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.116 --handshake-handle=0xf0
taskeng.exe {C8043672-23FE-469B-B384-00DEB03744FA}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Skuuteer\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/
group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=5683D4E1E30A539B0F95522AD63297EB --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=023FC880325D2216267C203B4F1C4225 --mojo-application-channel-token=5683D4E1E30A539B0F95522AD63297EB --channel="5592.18.604101406\1083259967" --mojo-platform-channel-handle=6136 /prefetch:1
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Skuuteer\AppData\Roaming\Mozilla\Firefox\Profiles\we71oeuh.default
prefs.js - "browser.startup.homepage" - "www.google.sk "
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23 2478880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"=C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe [2016-09-13 73298000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08 1154264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager]
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2016-02-24 529480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-02-19 1193352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-07-29 23375200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2015-09-23 170256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (cleanup)]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2016-03-10 55264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-10 9643552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
C:\Windows\vsnp2uvc.exe [2016-07-31 909824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-08-23 2857248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2016-01-22 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks 2014 Fast Start.lnk]
C:\Windows\INSTAL~1\{4FFA6~1\NEWSHO~3.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Background Downloader.lnk]
C:\PROGRA~2\COMMON~1\SOLIDW~1\BACKGR~1\SLDBGD~1.EXE [2014-01-11 2740264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Skuuteer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinDefenderModule.exe]
C:\Users\Skuuteer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinDefenderModule.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-20 20:03:05 ----D---- C:\rsit
2016-09-20 20:03:05 ----D---- C:\Program Files\trend micro
2016-09-15 14:35:41 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\schannel.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-15 13:54:07 ----A---- C:\Windows\system32\ntdll.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\kernel32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wow64win.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wow64.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\winsrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wdigest.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\TSpkg.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\sspicli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\srcore.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\smss.exe
2016-09-15 13:54:06 ----A---- C:\Windows\system32\rpchttp.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\rpcrt4.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\ncrypt.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\kerberos.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\conhost.exe
2016-09-15 13:54:06 ----A---- C:\Windows\system32\certcli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\advapi32.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\user.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\wow64cpu.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\sspisrv.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\srclient.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\secur32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\rstrui.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\ntvdm64.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\msaudite.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\lsass.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\drivers\appid.sys
2016-09-15 13:54:05 ----A---- C:\Windows\system32\cryptbase.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\credssp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\auditpol.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidsvc.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidapi.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\apisetschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\adtschema.dll
2016-09-15 13:54:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-09-15 13:54:04 ----A---- C:\Windows\system32\msobjs.dll
2016-09-15 13:53:48 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-09-15 13:53:48 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\INETRES.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\inetcomm.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\netio.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-09-15 13:53:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-15 13:53:47 ----A---- C:\Windows\system32\win32k.sys
2016-09-15 13:53:47 ----A---- C:\Windows\system32\user32.dll
2016-09-15 13:51:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-09-15 13:51:16 ----A---- C:\Windows\system32\oleaut32.dll
2016-09-12 21:17:21 ----D---- C:\ProgramData\Productec
2016-09-12 21:07:59 ----D---- C:\Program Files\Common Files\GibbsCAM Shared
2016-09-12 20:54:57 ----D---- C:\Program Files (x86)\Mycover
2016-09-11 18:23:25 ----D---- C:\Users\Skuuteer\AppData\Roaming\tor
2016-09-11 18:23:21 ----D---- C:\Users\Skuuteer\AppData\Roaming\WinDefenderModule
2016-09-11 11:15:57 ----D---- C:\Program Files (x86)\Rockstar Games
2016-09-11 11:15:45 ----D---- C:\Program Files\Rockstar Games
2016-09-06 17:49:04 ----RHD---- C:\Users\Skuuteer\AppData\Roaming\SecuROM
2016-08-31 21:52:05 ----D---- C:\Users\Skuuteer\AppData\Roaming\NetBeans
2016-08-31 21:49:19 ----D---- C:\Program Files\NetBeans 8.1
2016-08-31 21:41:29 ----D---- C:\cygwin64
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\Msvcr71.dll
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2016-08-24 20:31:50 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2016-08-24 20:31:17 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-08-24 20:31:04 ----D---- C:\Windows\SYSWOW64\xlive
2016-08-24 20:31:04 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2016-08-24 20:17:34 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2016-08-24 20:17:17 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
======List of files/folders modified in the last 1 month======
2016-09-20 20:03:05 ----RD---- C:\Program Files
2016-09-20 20:02:56 ----D---- C:\Windows\Temp
2016-09-20 19:45:17 ----D---- C:\Program Files (x86)\Steam
2016-09-20 19:45:15 ----D---- C:\Users\Skuuteer\AppData\Roaming\vlc
2016-09-20 19:33:21 ----D---- C:\Windows\system32\config
2016-09-20 19:17:19 ----D---- C:\Windows\system32\Tasks
2016-09-20 19:15:15 ----D---- C:\Users\Skuuteer\AppData\Roaming\ViberPC
2016-09-20 19:13:07 ----D---- C:\ProgramData\Reprise
2016-09-20 19:13:04 ----D---- C:\ProgramData\NVIDIA
2016-09-18 21:36:33 ----D---- C:\Windows\system32\catroot
2016-09-18 21:08:14 ----SHD---- C:\Windows\Installer
2016-09-18 21:08:14 ----SHD---- C:\Config.Msi
2016-09-18 21:08:04 ----D---- C:\Windows\inf
2016-09-18 21:07:35 ----D---- C:\Windows\System32
2016-09-18 21:07:12 ----D---- C:\Windows\SysWOW64
2016-09-18 18:53:42 ----D---- C:\ProgramData\ProductData
2016-09-18 10:42:36 ----D---- C:\Windows
2016-09-18 10:42:35 ----D---- C:\Windows\Logs
2016-09-18 10:42:26 ----SHD---- C:\System Volume Information
2016-09-18 09:02:08 ----D---- C:\ProgramData\IObit
2016-09-17 22:51:48 ----D---- C:\Users\Skuuteer\AppData\Roaming\TS3Client
2016-09-16 19:55:29 ----D---- C:\Windows\rescache
2016-09-15 14:35:41 ----D---- C:\Program Files\Common Files
2016-09-15 14:23:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-15 14:16:52 ----D---- C:\Windows\winsxs
2016-09-15 14:16:16 ----D---- C:\Program Files\Microsoft Silverlight
2016-09-15 14:16:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-09-15 14:16:09 ----D---- C:\Windows\system32\drivers
2016-09-15 14:15:40 ----D---- C:\Windows\SYSWOW64\en-US
2016-09-15 14:15:40 ----D---- C:\Windows\system32\en-US
2016-09-15 14:15:39 ----D---- C:\Windows\system32\Boot
2016-09-15 14:15:39 ----D---- C:\Windows\AppPatch
2016-09-15 14:15:19 ----D---- C:\Windows\pss
2016-09-15 14:14:21 ----D---- C:\Windows\debug
2016-09-15 14:09:21 ----D---- C:\ProgramData\Microsoft Help
2016-09-15 14:05:24 ----D---- C:\Windows\system32\MRT
2016-09-15 13:54:45 ----AC---- C:\Windows\system32\MRT.exe
2016-09-15 13:52:54 ----D---- C:\Windows\system32\catroot2
2016-09-14 22:12:12 ----D---- C:\Users\Skuuteer\AppData\Roaming\IObit
2016-09-13 20:00:06 ----D---- C:\Users\Skuuteer\AppData\Roaming\TeamViewer
2016-09-13 20:00:05 ----D---- C:\Users\Skuuteer\AppData\Roaming\uTorrent
2016-09-12 21:08:25 ----D---- C:\Program Files (x86)\Common Files
2016-09-12 21:07:57 ----RSD---- C:\Windows\Fonts
2016-09-12 21:07:53 ----D---- C:\Program Files\Gibbs
2016-09-12 21:06:17 ----D---- C:\Windows\system32\Setup
2016-09-10 17:27:15 ----D---- C:\Users\Skuuteer\AppData\Roaming\.minecraft
2016-08-24 20:42:16 ----SD---- C:\Users\Skuuteer\AppData\Roaming\Microsoft
2016-08-24 20:31:25 ----RSD---- C:\Windows\assembly
2016-08-21 13:44:02 ----D---- C:\ProgramData\NVIDIA Corporation
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2016-01-22 35384]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2016-05-30 38336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-04-04 270912]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-23 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-11-20 186784]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2016-03-23 198096]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2016-03-23 53384]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-07-31 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-08-01 91784]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-08-01 140736]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2015-11-20 142976]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2016-03-23 84800]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-08-01 331328]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2016-07-31 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-10 2222624]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-07-31 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 15416]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2016-07-31 129224]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2016-07-31 181760]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-07-31 56384]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2016-07-31 68904]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-07-31 33960]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2016-07-31 1800832]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2016-07-31 42536]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-08-24 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-08-24 47672]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-08 82128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-08-05 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-06-10 2520928]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 GibbsRLMServer;GibbsRLMServer; C:\Program Files\Gibbs\RLMServer\rlm.exe [2016-03-16 1540096]
R2 hasplms;Sentinel LDK License Manager; C:\Windows\system32\hasplms.exe [2013-08-01 4609928]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-05-30 932912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-05-30 424384]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-05-27 2960672]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-06-18 1357104]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-16 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-09-23 644880]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-17 1255736]
S4 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S4 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 107848]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 107848]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S4 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [2015-03-16 968480]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-07-16 146888]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
S4 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2011-09-22 1259040]
S4 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S4 TeamViewer;TeamViewer 10; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
-----------------EOF-----------------
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11472 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Gibbs\RLMServer\rlm.exe" "-c" "C:\Program Files\Gibbs\RLMServer\." "-dlog" "C:\Program Files\Gibbs\RLMServer\GibbsRLMServer.log" -service
C:\Windows\system32\hasplms.exe -run
"gibbsnet.exe" -s 488 -p "C:\Program Files\Gibbs\RLMServer" -dlog "C:\Program Files\Gibbs\RLMServer\GibbsRLMServer.log" (null) (null) (null) (null)
\??\C:\Windows\system32\conhost.exe "-21466797521164279171811495344-184185774128020979-1231542958-21281120971984625352
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-787768098-601419458-127421440128828351211378416-68874843417354798821185361676
taskeng.exe {BF98452F-4638-4D6D-944B-040E4531DCE1}
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"taskhost.exe"
"C:\Program Files\P4G\BatteryLife.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" "-cachedir=C:\Users\Skuuteer\AppData\Local\Steam\htmlcache" "-steampid=5588" "-buildid=1471977975" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-gpu-compositing --channel="180.0.54502840\931696331" --font-cache-shared-handle=1208 /prefetch:1
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="C:\Program Files (x86)\Steam\bin\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --disable-gpu-compositing --channel="180.2.1946859828\810992633" --font-cache-shared-handle=2060 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Skuuteer\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.116 --handshake-handle=0xf0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5592.0.2030916498\1270879191" --mojo-application-channel-token=56214373CD44FF624730EC63BCC3F4E1 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-liberal/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-
100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,11,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2622 --gpu-driver-date=1-10-2012 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0a35 --mojo-platform-channel-handle=1100 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group
_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=2845375B5DFA582D6960957DE51AA7B8 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=336503A852CF6067BA7889FB1CE211AB --mojo-application-channel-token=2845375B5DFA582D6960957DE51AA7B8 --channel="5592.3.2002910968\1433710480" --mojo-platform-channel-handle=2340 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group
_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=8F03FCF9A0E4550F76ACB5D63660447C --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=811891DDA9944D11E6E69F77D0E73F0C --mojo-application-channel-token=8F03FCF9A0E4550F76ACB5D63660447C --channel="5592.4.2008787469\1431005219" --mojo-platform-channel-handle=2344 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group
_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=B7EB4D66799D272F30B40B336E1AF5CD --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=69EC9641EEFC49E332060F437F182B84 --mojo-application-channel-token=B7EB4D66799D272F30B40B336E1AF5CD --channel="5592.5.709946135\1938754754" --mojo-platform-channel-handle=2360 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group
_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=BAFAA457EB47D60D73F5E59A589191A5 --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=CBEF8A68E819F28C72C2AFAE3A6DF056 --mojo-application-channel-token=BAFAA457EB47D60D73F5E59A589191A5 --channel="5592.6.1373585367\1677053513" --mojo-platform-channel-handle=2416 /prefetch:1
taskeng.exe {C8043672-23FE-469B-B384-00DEB03744FA}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/gro
up_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=B9B6C18FFDBFE4E2218E2A41A5E62355 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=A989AF6BFCBBF2900B498BB110247DD7 --mojo-application-channel-token=B9B6C18FFDBFE4E2218E2A41A5E62355 --channel="5592.10.1239927181\1798672690" --mojo-platform-channel-handle=5232 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/gro
up_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=0AD1415DD1A4AA35C0E4CC53D32A8DC3 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=80D986CD5EC4ECB61695F769DA5569CC --mojo-application-channel-token=0AD1415DD1A4AA35C0E4CC53D32A8DC3 --channel="5592.12.132734062\509479565" --mojo-platform-channel-handle=3580 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/gro
up_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=FE0EFE3843435B82C5A0604E777D6BD7 --lang=sk --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=F0E3787E2C63DAB300529137C7B8CE47 --mojo-application-channel-token=FE0EFE3843435B82C5A0604E777D6BD7 --channel="5592.14.300657467\361153203" --mojo-platform-channel-handle=4272 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/gro
up_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=A4F8256471F9562E25848A6D56A49491 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=E950A53C7FA991A8B76CED67440D45BA --mojo-application-channel-token=A4F8256471F9562E25848A6D56A49491 --channel="5592.16.2075510236\1982806447" --mojo-platform-channel-handle=3312 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Skuuteer\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/
group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=5683D4E1E30A539B0F95522AD63297EB --lang=sk --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=023FC880325D2216267C203B4F1C4225 --mojo-application-channel-token=5683D4E1E30A539B0F95522AD63297EB --channel="5592.18.604101406\1083259967" --mojo-platform-channel-handle=6136 /prefetch:1
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Skuuteer\AppData\Roaming\Mozilla\Firefox\Profiles\we71oeuh.default
prefs.js - "browser.startup.homepage" - "www.google.sk "
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23 2478880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"=C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe [2016-09-13 73298000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08 1154264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager]
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2016-02-24 529480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-02-19 1193352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-07-29 23375200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2015-09-23 170256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (cleanup)]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2016-03-10 55264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-10 9643552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
C:\Windows\vsnp2uvc.exe [2016-07-31 909824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-08-23 2857248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2016-01-22 12862]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks 2014 Fast Start.lnk]
C:\Windows\INSTAL~1\{4FFA6~1\NEWSHO~3.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Background Downloader.lnk]
C:\PROGRA~2\COMMON~1\SOLIDW~1\BACKGR~1\SLDBGD~1.EXE [2014-01-11 2740264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Skuuteer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinDefenderModule.exe]
C:\Users\Skuuteer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinDefenderModule.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-20 20:03:05 ----D---- C:\rsit
2016-09-20 20:03:05 ----D---- C:\Program Files\trend micro
2016-09-15 14:35:41 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\schannel.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-15 13:54:07 ----A---- C:\Windows\system32\ntdll.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\kernel32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wow64win.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wow64.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\winsrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wdigest.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\TSpkg.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\sspicli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\srcore.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\smss.exe
2016-09-15 13:54:06 ----A---- C:\Windows\system32\rpchttp.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\rpcrt4.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\ncrypt.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\kerberos.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\conhost.exe
2016-09-15 13:54:06 ----A---- C:\Windows\system32\certcli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\advapi32.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\user.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\wow64cpu.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\sspisrv.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\srclient.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\secur32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\rstrui.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\ntvdm64.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\msaudite.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\lsass.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\drivers\appid.sys
2016-09-15 13:54:05 ----A---- C:\Windows\system32\cryptbase.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\credssp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\auditpol.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidsvc.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidapi.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\apisetschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\adtschema.dll
2016-09-15 13:54:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-09-15 13:54:04 ----A---- C:\Windows\system32\msobjs.dll
2016-09-15 13:53:48 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-09-15 13:53:48 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\INETRES.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\inetcomm.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\netio.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-09-15 13:53:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-15 13:53:47 ----A---- C:\Windows\system32\win32k.sys
2016-09-15 13:53:47 ----A---- C:\Windows\system32\user32.dll
2016-09-15 13:51:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-09-15 13:51:16 ----A---- C:\Windows\system32\oleaut32.dll
2016-09-12 21:17:21 ----D---- C:\ProgramData\Productec
2016-09-12 21:07:59 ----D---- C:\Program Files\Common Files\GibbsCAM Shared
2016-09-12 20:54:57 ----D---- C:\Program Files (x86)\Mycover
2016-09-11 18:23:25 ----D---- C:\Users\Skuuteer\AppData\Roaming\tor
2016-09-11 18:23:21 ----D---- C:\Users\Skuuteer\AppData\Roaming\WinDefenderModule
2016-09-11 11:15:57 ----D---- C:\Program Files (x86)\Rockstar Games
2016-09-11 11:15:45 ----D---- C:\Program Files\Rockstar Games
2016-09-06 17:49:04 ----RHD---- C:\Users\Skuuteer\AppData\Roaming\SecuROM
2016-08-31 21:52:05 ----D---- C:\Users\Skuuteer\AppData\Roaming\NetBeans
2016-08-31 21:49:19 ----D---- C:\Program Files\NetBeans 8.1
2016-08-31 21:41:29 ----D---- C:\cygwin64
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\Msvcr71.dll
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2016-08-24 20:31:50 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2016-08-24 20:31:17 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-08-24 20:31:04 ----D---- C:\Windows\SYSWOW64\xlive
2016-08-24 20:31:04 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2016-08-24 20:17:34 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2016-08-24 20:17:17 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
======List of files/folders modified in the last 1 month======
2016-09-20 20:03:05 ----RD---- C:\Program Files
2016-09-20 20:02:56 ----D---- C:\Windows\Temp
2016-09-20 19:45:17 ----D---- C:\Program Files (x86)\Steam
2016-09-20 19:45:15 ----D---- C:\Users\Skuuteer\AppData\Roaming\vlc
2016-09-20 19:33:21 ----D---- C:\Windows\system32\config
2016-09-20 19:17:19 ----D---- C:\Windows\system32\Tasks
2016-09-20 19:15:15 ----D---- C:\Users\Skuuteer\AppData\Roaming\ViberPC
2016-09-20 19:13:07 ----D---- C:\ProgramData\Reprise
2016-09-20 19:13:04 ----D---- C:\ProgramData\NVIDIA
2016-09-18 21:36:33 ----D---- C:\Windows\system32\catroot
2016-09-18 21:08:14 ----SHD---- C:\Windows\Installer
2016-09-18 21:08:14 ----SHD---- C:\Config.Msi
2016-09-18 21:08:04 ----D---- C:\Windows\inf
2016-09-18 21:07:35 ----D---- C:\Windows\System32
2016-09-18 21:07:12 ----D---- C:\Windows\SysWOW64
2016-09-18 18:53:42 ----D---- C:\ProgramData\ProductData
2016-09-18 10:42:36 ----D---- C:\Windows
2016-09-18 10:42:35 ----D---- C:\Windows\Logs
2016-09-18 10:42:26 ----SHD---- C:\System Volume Information
2016-09-18 09:02:08 ----D---- C:\ProgramData\IObit
2016-09-17 22:51:48 ----D---- C:\Users\Skuuteer\AppData\Roaming\TS3Client
2016-09-16 19:55:29 ----D---- C:\Windows\rescache
2016-09-15 14:35:41 ----D---- C:\Program Files\Common Files
2016-09-15 14:23:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-15 14:16:52 ----D---- C:\Windows\winsxs
2016-09-15 14:16:16 ----D---- C:\Program Files\Microsoft Silverlight
2016-09-15 14:16:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-09-15 14:16:09 ----D---- C:\Windows\system32\drivers
2016-09-15 14:15:40 ----D---- C:\Windows\SYSWOW64\en-US
2016-09-15 14:15:40 ----D---- C:\Windows\system32\en-US
2016-09-15 14:15:39 ----D---- C:\Windows\system32\Boot
2016-09-15 14:15:39 ----D---- C:\Windows\AppPatch
2016-09-15 14:15:19 ----D---- C:\Windows\pss
2016-09-15 14:14:21 ----D---- C:\Windows\debug
2016-09-15 14:09:21 ----D---- C:\ProgramData\Microsoft Help
2016-09-15 14:05:24 ----D---- C:\Windows\system32\MRT
2016-09-15 13:54:45 ----AC---- C:\Windows\system32\MRT.exe
2016-09-15 13:52:54 ----D---- C:\Windows\system32\catroot2
2016-09-14 22:12:12 ----D---- C:\Users\Skuuteer\AppData\Roaming\IObit
2016-09-13 20:00:06 ----D---- C:\Users\Skuuteer\AppData\Roaming\TeamViewer
2016-09-13 20:00:05 ----D---- C:\Users\Skuuteer\AppData\Roaming\uTorrent
2016-09-12 21:08:25 ----D---- C:\Program Files (x86)\Common Files
2016-09-12 21:07:57 ----RSD---- C:\Windows\Fonts
2016-09-12 21:07:53 ----D---- C:\Program Files\Gibbs
2016-09-12 21:06:17 ----D---- C:\Windows\system32\Setup
2016-09-10 17:27:15 ----D---- C:\Users\Skuuteer\AppData\Roaming\.minecraft
2016-08-24 20:42:16 ----SD---- C:\Users\Skuuteer\AppData\Roaming\Microsoft
2016-08-24 20:31:25 ----RSD---- C:\Windows\assembly
2016-08-21 13:44:02 ----D---- C:\ProgramData\NVIDIA Corporation
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2016-01-22 35384]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2016-05-30 38336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-04-04 270912]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-23 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-11-20 186784]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2016-03-23 198096]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2016-03-23 53384]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-07-31 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-08-01 91784]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-08-01 140736]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2015-11-20 142976]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2016-03-23 84800]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-08-01 331328]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2016-07-31 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-10 2222624]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-07-31 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 15416]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2016-07-31 129224]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2016-07-31 181760]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-07-31 56384]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2016-07-31 68904]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-07-31 33960]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2016-07-31 1800832]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2016-07-31 42536]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-08-24 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-08-24 47672]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-08 82128]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-08-05 83768]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-06-10 2520928]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 GibbsRLMServer;GibbsRLMServer; C:\Program Files\Gibbs\RLMServer\rlm.exe [2016-03-16 1540096]
R2 hasplms;Sentinel LDK License Manager; C:\Windows\system32\hasplms.exe [2013-08-01 4609928]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-05-30 932912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-05-30 424384]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-05-27 2960672]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-06-18 1357104]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-16 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-09-23 644880]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; D:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-17 1255736]
S4 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S4 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 107848]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 107848]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S4 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [2015-03-16 968480]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-07-16 146888]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
S4 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2011-09-22 1259040]
S4 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S4 TeamViewer;TeamViewer 10; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
-----------------EOF-----------------
Re: Log check
Hello, presumably we remove it as soon as possible?

Re: Log check
OK, Office uninstalled (I hope that is the one you meant).
Log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Skuuteer at 2016-09-21 18:24:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (20%) free of 114 GB
Total RAM: 3886 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:24:09, on 21. 9. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Skuuteer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: SRS Premium Sound.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GibbsRLMServer - Reprise Software Inc. - C:\Program Files\Gibbs\RLMServer\rlm.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9349 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Gibbs\RLMServer\rlm.exe" "-c" "C:\Program Files\Gibbs\RLMServer\." "-dlog" "C:\Program Files\Gibbs\RLMServer\GibbsRLMServer.log" -service
C:\Windows\system32\hasplms.exe -run
"gibbsnet.exe" -s 480 -p "C:\Program Files\Gibbs\RLMServer" -dlog "C:\Program Files\Gibbs\RLMServer\GibbsRLMServer.log" (null) (null) (null) (null)
\??\C:\Windows\system32\conhost.exe "-973784205872781264-1930821635-1309754903-116166415699744533314871661-2146924533
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
ATKOSD.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
KBFiltr.exe
WDC.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
taskeng.exe {C04DA4E1-5E10-46E7-A86F-95027228CDCB}
\??\C:\Windows\system32\conhost.exe "-1310307711854973802-130575789121413480261571339544-10028125931581718653-1495634528
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Skuuteer\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.116 --handshake-handle=0xf0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5592.0.773419259\2128717183" --mojo-application-channel-token=79F77708C76026252B306136F2A1772E --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-liberal/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledDisableDiskCache/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Unifor
mity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,11,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2622 --gpu-driver-date=1-10-2012 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0a35 --mojo-platform-channel-handle=1104 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledDisableDiskCache/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5
-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=325C5D572143C1BC0A3B8FBFDF479B75 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=F2A42D0EFFD704E46CE0D0941E51017A --mojo-application-channel-token=325C5D572143C1BC0A3B8FBFDF479B75 --channel="5592.3.932291947\904187826" --mojo-platform-channel-handle=2428 /prefetch:1
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledDisableDiskCache/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5
-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=8AA1D637F255DDC9FC4A8FD8808AE860 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=8AD3AF06F80284E0EA0FD813AD707BEB --mojo-application-channel-token=8AA1D637F255DDC9FC4A8FD8808AE860 --channel="5592.6.2116227014\1075870989" --mojo-platform-channel-handle=3820 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\msiexec.exe /V
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\vssvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Users\Skuuteer\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Skuuteer\AppData\Roaming\Mozilla\Firefox\Profiles\9efujxj7.default-1474474262335
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23 2478880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-09-23 170256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"=C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe [2016-08-10 72586832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08 1154264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager]
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2016-02-24 529480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-02-19 1193352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-07-29 23375200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (cleanup)]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2016-03-10 55264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-10 9643552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
C:\Windows\vsnp2uvc.exe [2016-07-31 909824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-08-23 2857248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Skuuteer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinDefenderModule.exe]
C:\Users\Skuuteer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinDefenderModule.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-21 17:46:46 ----D---- C:\Program Files (x86)\Adware Removal Tool by TSA
2016-09-21 17:46:46 ----A---- C:\Windows\SYSWOW64\subinacl.exe
2016-09-20 20:03:05 ----D---- C:\rsit
2016-09-20 20:03:05 ----D---- C:\Program Files\trend micro
2016-09-15 14:35:41 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\schannel.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-15 13:54:07 ----A---- C:\Windows\system32\ntdll.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\kernel32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wow64win.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wow64.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\winsrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wdigest.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\TSpkg.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\sspicli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\srcore.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\smss.exe
2016-09-15 13:54:06 ----A---- C:\Windows\system32\rpchttp.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\rpcrt4.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\ncrypt.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\kerberos.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\conhost.exe
2016-09-15 13:54:06 ----A---- C:\Windows\system32\certcli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\advapi32.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\user.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\wow64cpu.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\sspisrv.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\srclient.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\secur32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\rstrui.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\ntvdm64.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\msaudite.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\lsass.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\drivers\appid.sys
2016-09-15 13:54:05 ----A---- C:\Windows\system32\cryptbase.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\credssp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\auditpol.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidsvc.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidapi.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\apisetschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\adtschema.dll
2016-09-15 13:54:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-09-15 13:54:04 ----A---- C:\Windows\system32\msobjs.dll
2016-09-15 13:53:48 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-09-15 13:53:48 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\INETRES.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\inetcomm.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\netio.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-09-15 13:53:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-15 13:53:47 ----A---- C:\Windows\system32\win32k.sys
2016-09-15 13:53:47 ----A---- C:\Windows\system32\user32.dll
2016-09-15 13:51:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-09-15 13:51:16 ----A---- C:\Windows\system32\oleaut32.dll
2016-09-12 21:17:21 ----D---- C:\ProgramData\Productec
2016-09-12 21:07:59 ----D---- C:\Program Files\Common Files\GibbsCAM Shared
2016-09-12 20:54:57 ----D---- C:\Program Files (x86)\Mycover
2016-09-11 18:23:25 ----D---- C:\Users\Skuuteer\AppData\Roaming\tor
2016-09-11 18:23:21 ----D---- C:\Users\Skuuteer\AppData\Roaming\WinDefenderModule
2016-09-11 11:15:57 ----D---- C:\Program Files (x86)\Rockstar Games
2016-09-11 11:15:45 ----D---- C:\Program Files\Rockstar Games
2016-09-06 17:49:04 ----RHD---- C:\Users\Skuuteer\AppData\Roaming\SecuROM
2016-08-31 21:52:05 ----D---- C:\Users\Skuuteer\AppData\Roaming\NetBeans
2016-08-31 21:49:19 ----D---- C:\Program Files\NetBeans 8.1
2016-08-31 21:41:29 ----D---- C:\cygwin64
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\Msvcr71.dll
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2016-08-24 20:31:50 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2016-08-24 20:31:17 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-08-24 20:31:04 ----D---- C:\Windows\SYSWOW64\xlive
2016-08-24 20:31:04 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2016-08-24 20:17:34 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2016-08-24 20:17:17 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
======List of files/folders modified in the last 1 month======
2016-09-21 18:24:01 ----D---- C:\Windows\Temp
2016-09-21 18:23:32 ----SHD---- C:\Windows\Installer
2016-09-21 18:23:32 ----SHD---- C:\Config.Msi
2016-09-21 18:23:32 ----RSD---- C:\Windows\assembly
2016-09-21 18:23:30 ----D---- C:\Program Files (x86)\Microsoft Office
2016-09-21 18:23:26 ----SHD---- C:\System Volume Information
2016-09-21 18:23:15 ----D---- C:\Windows\Microsoft.NET
2016-09-21 18:22:58 ----D---- C:\ProgramData\Microsoft Help
2016-09-21 18:22:32 ----RD---- C:\Program Files (x86)
2016-09-21 18:22:32 ----D---- C:\Windows
2016-09-21 18:22:17 ----RSD---- C:\Windows\Fonts
2016-09-21 18:22:11 ----SD---- C:\ProgramData\Microsoft
2016-09-21 18:22:10 ----D---- C:\Program Files (x86)\MSBuild
2016-09-21 18:22:09 ----D---- C:\Windows\SysWOW64
2016-09-21 18:20:58 ----D---- C:\Windows\ShellNew
2016-09-21 18:20:47 ----A---- C:\Windows\win.ini
2016-09-21 18:20:44 ----RD---- C:\Program Files
2016-09-21 18:20:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-09-21 18:15:59 ----D---- C:\Windows\system32\Tasks
2016-09-21 18:15:33 ----D---- C:\Windows\system32\config
2016-09-21 18:12:39 ----D---- C:\ProgramData\Reprise
2016-09-21 18:12:36 ----D---- C:\ProgramData\NVIDIA
2016-09-21 18:00:17 ----D---- C:\Windows\pss
2016-09-21 17:41:56 ----D---- C:\Windows\system32\NDF
2016-09-21 17:32:56 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-21 17:32:51 ----D---- C:\Windows\system32\drivers
2016-09-21 17:31:25 ----D---- C:\Users\Skuuteer\AppData\Roaming\ViberPC
2016-09-21 17:30:40 ----D---- C:\Windows\Tasks
2016-09-21 17:30:40 ----D---- C:\Windows\system32\wfp
2016-09-21 17:30:39 ----D---- C:\Windows\system32\wbem
2016-09-21 17:30:10 ----D---- C:\Windows\system32\DriverStore
2016-09-21 17:30:10 ----D---- C:\Windows\system32\drivers\etc
2016-09-21 17:30:10 ----D---- C:\Windows\system32\catroot2
2016-09-21 17:30:09 ----SD---- C:\Windows\system32\GWX
2016-09-21 17:30:09 ----D---- C:\Windows\System32
2016-09-21 17:30:09 ----D---- C:\Windows\inf
2016-09-21 17:30:08 ----D---- C:\Users\Skuuteer\AppData\Roaming\vlc
2016-09-21 17:30:08 ----D---- C:\Users\Skuuteer\AppData\Roaming\ProductData
2016-09-21 17:30:07 ----D---- C:\ProgramData\P4G
2016-09-21 17:30:05 ----D---- C:\Windows\registration
2016-09-18 21:36:33 ----D---- C:\Windows\system32\catroot
2016-09-18 10:42:35 ----D---- C:\Windows\Logs
2016-09-18 10:41:58 ----D---- C:\Program Files (x86)\Steam
2016-09-18 09:02:08 ----D---- C:\ProgramData\IObit
2016-09-17 22:51:48 ----D---- C:\Users\Skuuteer\AppData\Roaming\TS3Client
2016-09-16 19:55:29 ----D---- C:\Windows\rescache
2016-09-15 14:35:41 ----D---- C:\Program Files\Common Files
2016-09-15 14:23:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-15 14:16:52 ----D---- C:\Windows\winsxs
2016-09-15 14:16:16 ----D---- C:\Program Files\Microsoft Silverlight
2016-09-15 14:16:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-09-15 14:16:09 ----D---- C:\Windows\ModemLogs
2016-09-15 14:15:40 ----D---- C:\Windows\SYSWOW64\en-US
2016-09-15 14:15:40 ----D---- C:\Windows\system32\en-US
2016-09-15 14:15:39 ----D---- C:\Windows\system32\Boot
2016-09-15 14:15:39 ----D---- C:\Windows\AppPatch
2016-09-15 14:14:21 ----D---- C:\Windows\debug
2016-09-15 14:05:24 ----D---- C:\Windows\system32\MRT
2016-09-15 13:54:45 ----AC---- C:\Windows\system32\MRT.exe
2016-09-15 13:29:34 ----D---- C:\ProgramData\ProductData
2016-09-14 22:12:12 ----D---- C:\Users\Skuuteer\AppData\Roaming\IObit
2016-09-13 20:00:06 ----D---- C:\Users\Skuuteer\AppData\Roaming\TeamViewer
2016-09-13 20:00:05 ----D---- C:\Users\Skuuteer\AppData\Roaming\uTorrent
2016-09-12 21:08:25 ----D---- C:\Program Files (x86)\Common Files
2016-09-12 21:07:53 ----D---- C:\Program Files\Gibbs
2016-09-12 21:06:17 ----D---- C:\Windows\system32\Setup
2016-09-10 17:27:15 ----D---- C:\Users\Skuuteer\AppData\Roaming\.minecraft
2016-08-24 20:42:16 ----SD---- C:\Users\Skuuteer\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2016-01-22 35384]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2016-05-30 38336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-04-04 270912]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-23 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-11-20 186784]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2016-03-23 198096]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2016-03-23 53384]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-07-31 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-08-01 91784]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-08-01 140736]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2015-11-20 142976]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2016-03-23 84800]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-08-01 331328]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2016-07-31 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-10 2222624]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-07-31 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 15416]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2016-07-31 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-09-21 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2016-03-10 64896]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2016-07-31 181760]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-07-31 56384]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2016-07-31 68904]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-07-31 33960]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2016-07-31 1800832]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2016-07-31 42536]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-08-24 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-08-24 47672]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-08 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-06-10 2520928]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 GibbsRLMServer;GibbsRLMServer; C:\Program Files\Gibbs\RLMServer\rlm.exe [2016-03-16 1540096]
R2 hasplms;Sentinel LDK License Manager; C:\Windows\system32\hasplms.exe [2013-08-01 4609928]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-05-30 932912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-05-30 424384]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-05-27 2960672]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-06-18 1357104]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-16 114688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-17 1255736]
S4 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S4 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
S4 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 107848]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 107848]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-09-23 644880]
S4 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [2015-03-16 968480]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-07-16 146888]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
S4 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2011-09-22 1259040]
S4 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S4 TeamViewer;TeamViewer 10; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
-----------------EOF-----------------
Log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Skuuteer at 2016-09-21 18:24:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 23 GB (20%) free of 114 GB
Total RAM: 3886 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:24:09, on 21. 9. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Skuuteer.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: SRS Premium Sound.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: GibbsRLMServer - Reprise Software Inc. - C:\Program Files\Gibbs\RLMServer\rlm.exe
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9349 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files\Gibbs\RLMServer\rlm.exe" "-c" "C:\Program Files\Gibbs\RLMServer\." "-dlog" "C:\Program Files\Gibbs\RLMServer\GibbsRLMServer.log" -service
C:\Windows\system32\hasplms.exe -run
"gibbsnet.exe" -s 480 -p "C:\Program Files\Gibbs\RLMServer" -dlog "C:\Program Files\Gibbs\RLMServer\GibbsRLMServer.log" (null) (null) (null) (null)
\??\C:\Windows\system32\conhost.exe "-973784205872781264-1930821635-1309754903-116166415699744533314871661-2146924533
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
ATKOSD.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
KBFiltr.exe
WDC.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
taskeng.exe {C04DA4E1-5E10-46E7-A86F-95027228CDCB}
\??\C:\Windows\system32\conhost.exe "-1310307711854973802-130575789121413480261571339544-10028125931581718653-1495634528
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Skuuteer\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.116 --handshake-handle=0xf0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5592.0.773419259\2128717183" --mojo-application-channel-token=79F77708C76026252B306136F2A1772E --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-liberal/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PreconnectMore/Default/*QUIC/EnabledDisableDiskCache/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Unifor
mity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,11,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2622 --gpu-driver-date=1-10-2012 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0a35 --mojo-platform-channel-handle=1104 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledDisableDiskCache/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5
-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=325C5D572143C1BC0A3B8FBFDF479B75 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=F2A42D0EFFD704E46CE0D0941E51017A --mojo-application-channel-token=325C5D572143C1BC0A3B8FBFDF479B75 --channel="5592.3.932291947\904187826" --mojo-platform-channel-handle=2428 /prefetch:1
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-liberal/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/*PreconnectMore/Default/*QUIC/EnabledDisableDiskCache/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Control/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_37/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5
-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=8AA1D637F255DDC9FC4A8FD8808AE860 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=8AD3AF06F80284E0EA0FD813AD707BEB --mojo-application-channel-token=8AA1D637F255DDC9FC4A8FD8808AE860 --channel="5592.6.2116227014\1075870989" --mojo-platform-channel-handle=3820 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\msiexec.exe /V
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\vssvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Users\Skuuteer\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\AutoKMSDaily.job - C:\Windows\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Skuuteer\AppData\Roaming\Mozilla\Firefox\Profiles\9efujxj7.default-1474474262335
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23 2478880]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-21 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-21 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-09-23 170256]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Viber"=C:\Users\Skuuteer\AppData\Local\Viber\Viber.exe [2016-08-10 72586832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08 1154264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSKAppManager]
C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2016-02-24 529480]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2014-02-19 1193352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-07-29 23375200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser]
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (cleanup)]
C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2016-03-10 55264]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-06-14 2397120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-10 9643552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2016-06-14 1767944]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
C:\Windows\vsnp2uvc.exe [2016-07-31 909824]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-08-23 2857248]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Skuuteer^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinDefenderModule.exe]
C:\Users\Skuuteer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinDefenderModule.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-01-13 7109248]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624]
"NUSB3MON"=C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2009-10-21 106496]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-01-10 390656]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-09-21 17:46:46 ----D---- C:\Program Files (x86)\Adware Removal Tool by TSA
2016-09-21 17:46:46 ----A---- C:\Windows\SYSWOW64\subinacl.exe
2016-09-20 20:03:05 ----D---- C:\rsit
2016-09-20 20:03:05 ----D---- C:\Program Files\trend micro
2016-09-15 14:35:41 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-15 13:54:19 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-09-15 13:54:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\schannel.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-15 13:54:07 ----A---- C:\Windows\system32\ntdll.dll
2016-09-15 13:54:07 ----A---- C:\Windows\system32\kernel32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wow64win.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wow64.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\winsrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\wdigest.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\TSpkg.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\sspicli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\srcore.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\smss.exe
2016-09-15 13:54:06 ----A---- C:\Windows\system32\rpchttp.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\rpcrt4.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\ncrypt.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\KernelBase.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\kerberos.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-15 13:54:06 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\conhost.exe
2016-09-15 13:54:06 ----A---- C:\Windows\system32\certcli.dll
2016-09-15 13:54:06 ----A---- C:\Windows\system32\advapi32.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 13:54:05 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\user.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\wow64cpu.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\sspisrv.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\srclient.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\secur32.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\rstrui.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\ntvdm64.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\msaudite.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\lsass.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\drivers\appid.sys
2016-09-15 13:54:05 ----A---- C:\Windows\system32\cryptbase.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\credssp.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\auditpol.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidsvc.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-09-15 13:54:05 ----A---- C:\Windows\system32\appidapi.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\apisetschema.dll
2016-09-15 13:54:05 ----A---- C:\Windows\system32\adtschema.dll
2016-09-15 13:54:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-09-15 13:54:04 ----A---- C:\Windows\system32\msobjs.dll
2016-09-15 13:53:48 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-09-15 13:53:48 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\INETRES.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\inetcomm.dll
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\netio.sys
2016-09-15 13:53:48 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-09-15 13:53:47 ----A---- C:\Windows\SYSWOW64\user32.dll
2016-09-15 13:53:47 ----A---- C:\Windows\system32\win32k.sys
2016-09-15 13:53:47 ----A---- C:\Windows\system32\user32.dll
2016-09-15 13:51:16 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-09-15 13:51:16 ----A---- C:\Windows\system32\oleaut32.dll
2016-09-12 21:17:21 ----D---- C:\ProgramData\Productec
2016-09-12 21:07:59 ----D---- C:\Program Files\Common Files\GibbsCAM Shared
2016-09-12 20:54:57 ----D---- C:\Program Files (x86)\Mycover
2016-09-11 18:23:25 ----D---- C:\Users\Skuuteer\AppData\Roaming\tor
2016-09-11 18:23:21 ----D---- C:\Users\Skuuteer\AppData\Roaming\WinDefenderModule
2016-09-11 11:15:57 ----D---- C:\Program Files (x86)\Rockstar Games
2016-09-11 11:15:45 ----D---- C:\Program Files\Rockstar Games
2016-09-06 17:49:04 ----RHD---- C:\Users\Skuuteer\AppData\Roaming\SecuROM
2016-08-31 21:52:05 ----D---- C:\Users\Skuuteer\AppData\Roaming\NetBeans
2016-08-31 21:49:19 ----D---- C:\Program Files\NetBeans 8.1
2016-08-31 21:41:29 ----D---- C:\cygwin64
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\Msvcr71.dll
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2016-08-24 20:33:34 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2016-08-24 20:31:50 ----A---- C:\Windows\SYSWOW64\CmdLineExt_x64.dll
2016-08-24 20:31:17 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-08-24 20:31:04 ----D---- C:\Windows\SYSWOW64\xlive
2016-08-24 20:31:04 ----D---- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2016-08-24 20:17:34 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2016-08-24 20:17:17 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
======List of files/folders modified in the last 1 month======
2016-09-21 18:24:01 ----D---- C:\Windows\Temp
2016-09-21 18:23:32 ----SHD---- C:\Windows\Installer
2016-09-21 18:23:32 ----SHD---- C:\Config.Msi
2016-09-21 18:23:32 ----RSD---- C:\Windows\assembly
2016-09-21 18:23:30 ----D---- C:\Program Files (x86)\Microsoft Office
2016-09-21 18:23:26 ----SHD---- C:\System Volume Information
2016-09-21 18:23:15 ----D---- C:\Windows\Microsoft.NET
2016-09-21 18:22:58 ----D---- C:\ProgramData\Microsoft Help
2016-09-21 18:22:32 ----RD---- C:\Program Files (x86)
2016-09-21 18:22:32 ----D---- C:\Windows
2016-09-21 18:22:17 ----RSD---- C:\Windows\Fonts
2016-09-21 18:22:11 ----SD---- C:\ProgramData\Microsoft
2016-09-21 18:22:10 ----D---- C:\Program Files (x86)\MSBuild
2016-09-21 18:22:09 ----D---- C:\Windows\SysWOW64
2016-09-21 18:20:58 ----D---- C:\Windows\ShellNew
2016-09-21 18:20:47 ----A---- C:\Windows\win.ini
2016-09-21 18:20:44 ----RD---- C:\Program Files
2016-09-21 18:20:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-09-21 18:15:59 ----D---- C:\Windows\system32\Tasks
2016-09-21 18:15:33 ----D---- C:\Windows\system32\config
2016-09-21 18:12:39 ----D---- C:\ProgramData\Reprise
2016-09-21 18:12:36 ----D---- C:\ProgramData\NVIDIA
2016-09-21 18:00:17 ----D---- C:\Windows\pss
2016-09-21 17:41:56 ----D---- C:\Windows\system32\NDF
2016-09-21 17:32:56 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-21 17:32:51 ----D---- C:\Windows\system32\drivers
2016-09-21 17:31:25 ----D---- C:\Users\Skuuteer\AppData\Roaming\ViberPC
2016-09-21 17:30:40 ----D---- C:\Windows\Tasks
2016-09-21 17:30:40 ----D---- C:\Windows\system32\wfp
2016-09-21 17:30:39 ----D---- C:\Windows\system32\wbem
2016-09-21 17:30:10 ----D---- C:\Windows\system32\DriverStore
2016-09-21 17:30:10 ----D---- C:\Windows\system32\drivers\etc
2016-09-21 17:30:10 ----D---- C:\Windows\system32\catroot2
2016-09-21 17:30:09 ----SD---- C:\Windows\system32\GWX
2016-09-21 17:30:09 ----D---- C:\Windows\System32
2016-09-21 17:30:09 ----D---- C:\Windows\inf
2016-09-21 17:30:08 ----D---- C:\Users\Skuuteer\AppData\Roaming\vlc
2016-09-21 17:30:08 ----D---- C:\Users\Skuuteer\AppData\Roaming\ProductData
2016-09-21 17:30:07 ----D---- C:\ProgramData\P4G
2016-09-21 17:30:05 ----D---- C:\Windows\registration
2016-09-18 21:36:33 ----D---- C:\Windows\system32\catroot
2016-09-18 10:42:35 ----D---- C:\Windows\Logs
2016-09-18 10:41:58 ----D---- C:\Program Files (x86)\Steam
2016-09-18 09:02:08 ----D---- C:\ProgramData\IObit
2016-09-17 22:51:48 ----D---- C:\Users\Skuuteer\AppData\Roaming\TS3Client
2016-09-16 19:55:29 ----D---- C:\Windows\rescache
2016-09-15 14:35:41 ----D---- C:\Program Files\Common Files
2016-09-15 14:23:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-15 14:16:52 ----D---- C:\Windows\winsxs
2016-09-15 14:16:16 ----D---- C:\Program Files\Microsoft Silverlight
2016-09-15 14:16:16 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-09-15 14:16:09 ----D---- C:\Windows\ModemLogs
2016-09-15 14:15:40 ----D---- C:\Windows\SYSWOW64\en-US
2016-09-15 14:15:40 ----D---- C:\Windows\system32\en-US
2016-09-15 14:15:39 ----D---- C:\Windows\system32\Boot
2016-09-15 14:15:39 ----D---- C:\Windows\AppPatch
2016-09-15 14:14:21 ----D---- C:\Windows\debug
2016-09-15 14:05:24 ----D---- C:\Windows\system32\MRT
2016-09-15 13:54:45 ----AC---- C:\Windows\system32\MRT.exe
2016-09-15 13:29:34 ----D---- C:\ProgramData\ProductData
2016-09-14 22:12:12 ----D---- C:\Users\Skuuteer\AppData\Roaming\IObit
2016-09-13 20:00:06 ----D---- C:\Users\Skuuteer\AppData\Roaming\TeamViewer
2016-09-13 20:00:05 ----D---- C:\Users\Skuuteer\AppData\Roaming\uTorrent
2016-09-12 21:08:25 ----D---- C:\Program Files (x86)\Common Files
2016-09-12 21:07:53 ----D---- C:\Program Files\Gibbs
2016-09-12 21:06:17 ----D---- C:\Windows\system32\Setup
2016-09-10 17:27:15 ----D---- C:\Users\Skuuteer\AppData\Roaming\.minecraft
2016-08-24 20:42:16 ----SD---- C:\Users\Skuuteer\AppData\Roaming\Microsoft
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2016-01-22 35384]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2016-05-30 38336]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-04-04 270912]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-03-23 264552]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2015-11-20 186784]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2016-03-23 198096]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2016-03-23 53384]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-07-31 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2013-08-01 91784]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2013-08-01 140736]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2015-11-20 142976]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2016-03-23 84800]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2013-08-01 331328]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2016-07-31 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-10 2222624]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2016-07-31 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-21 15416]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2016-07-31 129224]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-09-21 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2016-03-10 64896]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2009-10-27 75264]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2016-07-31 181760]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-06-14 26560]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-07-31 56384]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver; C:\Windows\system32\DRIVERS\point64.sys [2016-07-31 68904]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-07-31 33960]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2016-07-31 1800832]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2016-07-31 42536]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-08-24 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-08-24 47672]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-08 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-06-10 2520928]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-06-14 1163712]
R2 GibbsRLMServer;GibbsRLMServer; C:\Program Files\Gibbs\RLMServer\rlm.exe [2016-03-16 1540096]
R2 hasplms;Sentinel LDK License Manager; C:\Windows\system32\hasplms.exe [2013-08-01 4609928]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-06-14 1879488]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-06-14 2521024]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-05-30 932912]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-05-30 424384]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-06-14 3632576]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-05-27 2960672]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2016-06-18 1357104]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-01-16 114688]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-01-17 1255736]
S4 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2016-02-24 1145928]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S4 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
S4 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-03-02 83768]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 107848]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 107848]
S4 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-09-23 644880]
S4 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager; C:\Program Files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [2015-03-16 968480]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-07-16 146888]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2011-09-22 374304]
S4 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2011-09-22 1259040]
S4 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2011-09-22 292384]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S4 TeamViewer;TeamViewer 10; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
-----------------EOF-----------------
Re: Log check
Delete unneeded files
using CCleaner
guide:
Cleaner - here you clean the PC of unneeded files and empty the Recycle Bin
Registry - here you clean the registry (before using it I recommend making the backup that CCleaner offers)
the registry cleaning needs to be repeated several times!
Tools - here you can uninstall programs, adjust what runs at system startup, and restore the system
Download and run AdwCleaner,
close all programs including the browser and launch it with a double-click,
a window appears; click Scan at the top left.
When the scan finishes, click Clean,
the PC will restart, during which the junk is deleted.
Then copy the Report here for me.
Download and run OTMoveIt
into the left pane of the application, under Paste Instructions for Items to be Moved, copy this text:
:processes
explorer.exe
:files
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\AutoKMSDaily.job
C:\Windows\AutoKMS.exe
:commands
[purity]
[emptytemp]
[start explorer]
click MoveIt! and the right-hand green pane of the application will show information about the action performed; copy the contents of that pane here,
if the application asks for a restart, click YES
in that case copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\
As for the browser problem: apart from the fact that there are critters in there (we will remove those), the coin-cell battery on the motherboard will need replacing.
Re: Log check
Hello
- unneeded files removed,
- AdwCleaner report:
# AdwCleaner v6.020 - *Logfile created 22/09/2016 *at 20:42:12
# *Updated on 14/09/2016 by ToolsLib
# *Database : 2016-09-22.1 [*Server]
# *Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# *Username : Skuuteer - SKUUTEER-PC
# *Running from : C:\Users\Skuuteer\Downloads\adwcleaner_6.020.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum
***** [ *Services ] *****
***** [ *Folders ] *****
***** [ *Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
***** [ *Registry ] *****
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] *Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
***** [ *Browsers ] *****
*************************
:: *"Tracing" keys deleted
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1051 *Bytes] - [22/09/2016 20:42:12]
C:\AdwCleaner\AdwCleaner[S0].txt - [1400 *Bytes] - [22/09/2016 20:41:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1199 *Bytes] ##########
- OTM report:
File/Folder C:\*.tmp not found.
File/Folder C:\WINDOWS\System32\*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
C:\Windows\tasks\AutoKMS.job moved successfully.
C:\Windows\tasks\AutoKMSDaily.job moved successfully.
File/Folder C:\Windows\AutoKMS.exe not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 130484 bytes
->Temporary Internet Files folder emptied: 33298 bytes
->Google Chrome cache emptied: 254530546 bytes
User: Public
User: Skuuteer
->Temp folder emptied: 26742188 bytes
->Temporary Internet Files folder emptied: 1178698 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3561383 bytes
->Google Chrome cache emptied: 112824936 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 22048175 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 8575976829 bytes
Total Files Cleaned = 8 580,00 mb
OTM by OldTimer - Version 3.1.21.0 log created on 09222016_204713
Files moved on Reboot...
C:\Users\Skuuteer\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Skuuteer\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.
Registry entries deleted on Reboot...
- as for the battery replacement, can I replace the battery myself even though I am not exactly a professional IT person?
- is the failure of YouTube, Gmail and the like caused by that battery?
Re: Log check
magi151 wrote:
- as for the battery replacement, can I replace the battery myself even though I am not exactly a professional IT person?
- is the failure of YouTube, Gmail and the like caused by that battery?
Yes, the battery can be replaced at home too, provided there is normal access to it, and the browsers' failure is probably caused by it being drained, so the system does not remember the date; hence the message about the certificate having expired.
Next, download ComboFix and save it to the desktop,
run the application as Administrator and allow installation of the Recovery Console.
A window with the licence terms then appears, which you confirm by clicking YES,
then click YES once more and it starts running.
The whole process takes around 10 minutes but can take longer; do not try to run anything else during the scan.
The PC may also be restarted during the scan; do not be alarmed.
Notice: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware programs,
because ComboFix tries to delete infected files and these programs can get in its way.
After the scan finishes, or after the restart that follows, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt and so on); copy its contents here.
If anything is unclear, there is an illustrated guide HERE.
Re: Log check
ComboFix log:
ComboFix 16-09-22.01 - Skuuteer . 09. 2016 19:34:06.2.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3886.1926 [GMT 2:00]
Running from: c:\users\Skuuteer\Downloads\ComboFix.exe
AV: ESET Smart Security 9.0.351.2 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personálny firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.376.1 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Downloaded Program Files\IDropPTB.dll
.
.
((((((((((((((((((((((((( Files Created from 2016-08-25 to 2016-09-25 )))))))))))))))))))))))))))))))
.
.
2016-09-25 17:39 . 2016-09-25 17:39 -------- d-----w- c:\users\Guest\AppData\Local\temp
2016-09-25 17:39 . 2016-09-25 17:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-23 17:08 . 2016-09-15 01:18 12030488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{932208AB-6A86-4ED3-B9BF-CCE537568060}\mpengine.dll
2016-09-22 18:47 . 2016-09-22 18:47 -------- d-----w- C:\_OTM
2016-09-22 18:39 . 2016-09-22 18:42 -------- d-----w- C:\AdwCleaner
2016-09-22 17:33 . 2016-09-22 17:33 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2016-09-22 17:24 . 2016-09-22 17:24 6103040 ----a-w- c:\program files (x86)\GUT432A.tmp
2016-09-22 17:24 . 2016-09-22 17:24 -------- d-----w- c:\program files (x86)\GUM4329.tmp
2016-09-22 17:22 . 2016-08-05 15:30 2048 ----a-w- c:\windows\system32\tzres.dll
2016-09-22 17:22 . 2016-08-05 15:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-09-21 15:46 . 2016-09-21 15:46 290304 ----a-w- c:\windows\SysWow64\subinacl.exe
2016-09-21 15:46 . 2016-09-21 15:46 -------- d-----w- c:\program files (x86)\Adware Removal Tool by TSA
2016-09-20 18:03 . 2016-09-21 16:24 -------- d-----w- c:\program files\trend micro
2016-09-20 18:03 . 2016-09-20 18:03 -------- d-----w- C:\rsit
2016-09-15 12:35 . 2016-09-15 12:36 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2016-09-15 11:53 . 2016-07-07 15:36 1896168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-09-15 11:53 . 2016-07-07 15:36 377576 ----a-w- c:\windows\system32\drivers\netio.sys
2016-09-15 11:53 . 2016-07-07 15:36 287976 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-09-15 11:53 . 2016-07-07 15:08 46080 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2016-09-15 11:53 . 2016-07-01 15:31 976896 ----a-w- c:\windows\system32\inetcomm.dll
2016-09-15 11:53 . 2016-07-01 15:31 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-09-15 11:53 . 2016-07-01 15:13 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2016-09-15 11:53 . 2016-07-01 15:13 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2016-09-15 11:53 . 2016-08-16 17:36 1009152 ----a-w- c:\windows\system32\user32.dll
2016-09-15 11:53 . 2016-08-16 02:48 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-09-15 11:53 . 2016-08-16 02:35 3218432 ----a-w- c:\windows\system32\win32k.sys
2016-09-15 11:51 . 2016-08-06 15:31 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-09-15 11:51 . 2016-08-06 15:15 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-09-12 19:17 . 2016-09-12 19:17 -------- d-----w- c:\programdata\Productec
2016-09-12 19:08 . 2016-09-12 19:08 -------- d-----w- c:\program files (x86)\Common Files\GibbsCAM Shared
2016-09-12 19:07 . 2016-09-12 19:08 -------- d-----w- c:\program files\Common Files\GibbsCAM Shared
2016-09-12 19:00 . 2016-09-12 19:00 -------- d-----w- c:\program files (x86)\Common Files\IObit
2016-09-12 18:54 . 2016-09-12 19:02 -------- d-----w- c:\program files (x86)\Mycover
2016-09-11 16:23 . 2016-09-15 12:08 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\tor
2016-09-11 16:23 . 2016-09-11 17:22 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\WinDefenderModule
2016-09-11 09:15 . 2016-09-15 11:34 -------- d-----w- c:\program files (x86)\Rockstar Games
2016-09-11 09:15 . 2016-09-15 11:34 -------- d-----w- c:\program files\Rockstar Games
2016-09-06 15:49 . 2016-09-06 15:49 -------- d--h--r- c:\users\Skuuteer\AppData\Roaming\SecuROM
2016-09-05 18:30 . 2016-09-22 17:20 -------- d-----w- c:\users\Skuuteer\AppData\Local\CrashDumps
2016-08-31 19:52 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\NetBeans
2016-08-31 19:52 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\AppData\Local\NetBeans
2016-08-31 19:49 . 2016-08-31 19:51 -------- d-----w- c:\program files\NetBeans 8.1
2016-08-31 19:49 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\.nbi
2016-08-31 19:41 . 2016-08-31 19:54 -------- d-----w- C:\cygwin64
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-21 18:52 . 2016-07-31 18:54 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-15 11:54 . 2016-01-15 14:57 144199024 -c--a-w- c:\windows\system32\MRT.exe
2016-09-02 15:30 . 2016-09-15 11:54 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 11:54 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-02 15:16 . 2016-09-15 11:54 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 11:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-24 18:33 . 2016-08-24 18:33 348160 ----a-w- c:\windows\SysWow64\Msvcr71.dll
2016-08-24 18:33 . 2016-08-24 18:33 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2016-08-24 18:33 . 2016-08-24 18:33 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2016-08-24 18:31 . 2016-08-24 18:31 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2016-08-24 18:17 . 2016-08-24 18:17 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2016-08-24 18:17 . 2016-08-24 18:17 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-08-12 16:46 . 2016-09-22 18:24 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-08 06:21 . 2016-08-08 06:21 356352 ----a-w- c:\windows\eSellerateEngine.dll
2016-08-05 13:09 . 2016-08-05 13:09 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-07-31 19:18 . 2016-07-31 19:18 33960 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2016-07-31 19:18 . 2016-07-31 19:18 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2016-07-31 19:14 . 2016-07-31 19:14 158976 ----a-w- c:\windows\system32\drivers\Impcd.sys
2016-07-31 19:13 . 2016-07-31 19:13 181760 ----a-w- c:\windows\system32\drivers\nusb3xhc.sys
2016-07-31 19:13 . 2016-07-31 19:13 56384 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-07-31 19:13 . 2016-07-31 19:13 102976 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2016-07-31 19:13 . 2016-01-16 19:42 113216 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-07-31 19:08 . 2016-07-31 19:08 68904 ----a-w- c:\windows\system32\drivers\point64.sys
2016-07-31 19:07 . 2016-07-31 19:07 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2016-07-31 19:07 . 2016-07-31 19:07 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2016-07-31 19:04 . 2016-07-31 19:04 42536 ----a-w- c:\windows\system32\drivers\btcusb.sys
2016-07-31 19:04 . 2016-07-31 19:04 12800 ----a-w- c:\windows\system32\btinstall.dll
2016-07-31 19:03 . 2016-07-31 19:03 129224 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2016-07-31 19:01 . 2016-07-31 19:01 376832 ----a-w- c:\windows\system32\vsnp2uvc.dll
2016-07-31 19:01 . 2016-07-31 19:01 1800832 ----a-w- c:\windows\system32\drivers\snp2uvc.sys
2016-07-31 19:01 . 2016-07-31 19:01 909824 ----a-w- c:\windows\vsnp2uvc.exe
2016-07-31 19:01 . 2016-07-31 19:01 35328 ----a-w- c:\windows\system32\drivers\sncduvc.sys
2016-07-31 19:01 . 2016-07-31 19:01 307712 ----a-w- c:\windows\SysWow64\vsnp2uvc.dll
2016-07-31 19:01 . 2016-07-31 19:01 2401307 ----a-w- c:\windows\snuninst.exe
2016-07-31 19:01 . 2016-07-31 19:01 238592 ----a-w- c:\windows\system32\csnp2uvc.dll
2016-07-31 18:59 . 2016-07-31 18:59 27552 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2016-07-26 12:24 . 2016-01-15 14:57 504488 ------w- c:\windows\system32\MpSigStub.exe
2016-07-21 19:20 . 2016-01-16 20:17 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-07-12 17:53 . 2016-03-13 16:07 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-07-12 17:53 . 2016-03-13 16:07 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Viber"="c:\users\Skuuteer\AppData\Local\Viber\Viber.exe" [2016-08-10 72586832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-01-13 7109248]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2014-02-18 1193352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h [2016-1-22 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x]
R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
R4 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R4 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager;c:\program files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [x]
R4 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x]
R4 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 GibbsRLMServer;GibbsRLMServer;c:\program files\Gibbs\RLMServer\rlm.exe;c:\program files\Gibbs\RLMServer\rlm.exe [x]
S2 hasplms;Sentinel LDK License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-09-22 17:27 1267528 ----a-w- c:\program files (x86)\Google\Chrome\Application\53.0.2785.116\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-06-30 11:55 322232 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2016-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-13 17:53]
.
2016-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 17:32]
.
2016-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 17:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-06-14 2397120]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-06-14 1767944]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-09-23 170256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.20.254 8.8.8.8
FF - ProfilePath - c:\users\Skuuteer\AppData\Roaming\Mozilla\Firefox\Profiles\9efujxj7.default-1474474262335\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3122661 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3127233 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3136000v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3142037 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3143693 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3164025 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3179949 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-Viber - c:\users\Skuuteer\AppData\Local\Viber\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3351185126-2454618975-1233198843-1001\Software\SecuROM\License information*]
"datasecu"=hex:36,7c,96,38,cd,1d,ff,99,a8,f4,a8,c7,85,55,d4,89,7a,ac,97,4f,1e,
d7,f8,c4,14,9f,6f,c0,5d,f9,85,75,fe,79,ae,1c,d1,56,fb,e6,1c,fe,07,3b,31,df,\
"rkeysecu"=hex:52,b2,24,89,d8,60,9b,e4,cd,b4,4e,02,0e,61,31,d8
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-09-25 19:41:59
ComboFix-quarantined-files.txt 2016-09-25 17:41
.
Pre-Run: 22 195 081 216 bytes free
Post-Run: 22 960 308 224 bytes free
.
- - End Of File - - F750EA99E0DD6A240E55829BAA3CE93F
A36C5E4F47E84449FF07ED3517B43A31
ComboFix 16-09-22.01 - Skuuteer . 09. 2016 19:34:06.2.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3886.1926 [GMT 2:00]
Running from: c:\users\Skuuteer\Downloads\ComboFix.exe
AV: ESET Smart Security 9.0.351.2 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personálny firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.376.1 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Downloaded Program Files\IDropPTB.dll
.
.
((((((((((((((((((((((((( Files Created from 2016-08-25 to 2016-09-25 )))))))))))))))))))))))))))))))
.
.
2016-09-25 17:39 . 2016-09-25 17:39 -------- d-----w- c:\users\Guest\AppData\Local\temp
2016-09-25 17:39 . 2016-09-25 17:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-23 17:08 . 2016-09-15 01:18 12030488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{932208AB-6A86-4ED3-B9BF-CCE537568060}\mpengine.dll
2016-09-22 18:47 . 2016-09-22 18:47 -------- d-----w- C:\_OTM
2016-09-22 18:39 . 2016-09-22 18:42 -------- d-----w- C:\AdwCleaner
2016-09-22 17:33 . 2016-09-22 17:33 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2016-09-22 17:24 . 2016-09-22 17:24 6103040 ----a-w- c:\program files (x86)\GUT432A.tmp
2016-09-22 17:24 . 2016-09-22 17:24 -------- d-----w- c:\program files (x86)\GUM4329.tmp
2016-09-22 17:22 . 2016-08-05 15:30 2048 ----a-w- c:\windows\system32\tzres.dll
2016-09-22 17:22 . 2016-08-05 15:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-09-21 15:46 . 2016-09-21 15:46 290304 ----a-w- c:\windows\SysWow64\subinacl.exe
2016-09-21 15:46 . 2016-09-21 15:46 -------- d-----w- c:\program files (x86)\Adware Removal Tool by TSA
2016-09-20 18:03 . 2016-09-21 16:24 -------- d-----w- c:\program files\trend micro
2016-09-20 18:03 . 2016-09-20 18:03 -------- d-----w- C:\rsit
2016-09-15 12:35 . 2016-09-15 12:36 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2016-09-15 11:53 . 2016-07-07 15:36 1896168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-09-15 11:53 . 2016-07-07 15:36 377576 ----a-w- c:\windows\system32\drivers\netio.sys
2016-09-15 11:53 . 2016-07-07 15:36 287976 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-09-15 11:53 . 2016-07-07 15:08 46080 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2016-09-15 11:53 . 2016-07-01 15:31 976896 ----a-w- c:\windows\system32\inetcomm.dll
2016-09-15 11:53 . 2016-07-01 15:31 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-09-15 11:53 . 2016-07-01 15:13 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2016-09-15 11:53 . 2016-07-01 15:13 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2016-09-15 11:53 . 2016-08-16 17:36 1009152 ----a-w- c:\windows\system32\user32.dll
2016-09-15 11:53 . 2016-08-16 02:48 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-09-15 11:53 . 2016-08-16 02:35 3218432 ----a-w- c:\windows\system32\win32k.sys
2016-09-15 11:51 . 2016-08-06 15:31 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-09-15 11:51 . 2016-08-06 15:15 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-09-12 19:17 . 2016-09-12 19:17 -------- d-----w- c:\programdata\Productec
2016-09-12 19:08 . 2016-09-12 19:08 -------- d-----w- c:\program files (x86)\Common Files\GibbsCAM Shared
2016-09-12 19:07 . 2016-09-12 19:08 -------- d-----w- c:\program files\Common Files\GibbsCAM Shared
2016-09-12 19:00 . 2016-09-12 19:00 -------- d-----w- c:\program files (x86)\Common Files\IObit
2016-09-12 18:54 . 2016-09-12 19:02 -------- d-----w- c:\program files (x86)\Mycover
2016-09-11 16:23 . 2016-09-15 12:08 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\tor
2016-09-11 16:23 . 2016-09-11 17:22 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\WinDefenderModule
2016-09-11 09:15 . 2016-09-15 11:34 -------- d-----w- c:\program files (x86)\Rockstar Games
2016-09-11 09:15 . 2016-09-15 11:34 -------- d-----w- c:\program files\Rockstar Games
2016-09-06 15:49 . 2016-09-06 15:49 -------- d--h--r- c:\users\Skuuteer\AppData\Roaming\SecuROM
2016-09-05 18:30 . 2016-09-22 17:20 -------- d-----w- c:\users\Skuuteer\AppData\Local\CrashDumps
2016-08-31 19:52 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\NetBeans
2016-08-31 19:52 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\AppData\Local\NetBeans
2016-08-31 19:49 . 2016-08-31 19:51 -------- d-----w- c:\program files\NetBeans 8.1
2016-08-31 19:49 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\.nbi
2016-08-31 19:41 . 2016-08-31 19:54 -------- d-----w- C:\cygwin64
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-21 18:52 . 2016-07-31 18:54 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-15 11:54 . 2016-01-15 14:57 144199024 -c--a-w- c:\windows\system32\MRT.exe
2016-09-02 15:30 . 2016-09-15 11:54 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 11:54 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-02 15:16 . 2016-09-15 11:54 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 11:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-24 18:33 . 2016-08-24 18:33 348160 ----a-w- c:\windows\SysWow64\Msvcr71.dll
2016-08-24 18:33 . 2016-08-24 18:33 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2016-08-24 18:33 . 2016-08-24 18:33 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2016-08-24 18:31 . 2016-08-24 18:31 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2016-08-24 18:17 . 2016-08-24 18:17 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2016-08-24 18:17 . 2016-08-24 18:17 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-08-12 16:46 . 2016-09-22 18:24 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-08 06:21 . 2016-08-08 06:21 356352 ----a-w- c:\windows\eSellerateEngine.dll
2016-08-05 13:09 . 2016-08-05 13:09 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-07-31 19:18 . 2016-07-31 19:18 33960 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2016-07-31 19:18 . 2016-07-31 19:18 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2016-07-31 19:14 . 2016-07-31 19:14 158976 ----a-w- c:\windows\system32\drivers\Impcd.sys
2016-07-31 19:13 . 2016-07-31 19:13 181760 ----a-w- c:\windows\system32\drivers\nusb3xhc.sys
2016-07-31 19:13 . 2016-07-31 19:13 56384 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-07-31 19:13 . 2016-07-31 19:13 102976 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2016-07-31 19:13 . 2016-01-16 19:42 113216 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-07-31 19:08 . 2016-07-31 19:08 68904 ----a-w- c:\windows\system32\drivers\point64.sys
2016-07-31 19:07 . 2016-07-31 19:07 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2016-07-31 19:07 . 2016-07-31 19:07 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2016-07-31 19:04 . 2016-07-31 19:04 42536 ----a-w- c:\windows\system32\drivers\btcusb.sys
2016-07-31 19:04 . 2016-07-31 19:04 12800 ----a-w- c:\windows\system32\btinstall.dll
2016-07-31 19:03 . 2016-07-31 19:03 129224 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2016-07-31 19:01 . 2016-07-31 19:01 376832 ----a-w- c:\windows\system32\vsnp2uvc.dll
2016-07-31 19:01 . 2016-07-31 19:01 1800832 ----a-w- c:\windows\system32\drivers\snp2uvc.sys
2016-07-31 19:01 . 2016-07-31 19:01 909824 ----a-w- c:\windows\vsnp2uvc.exe
2016-07-31 19:01 . 2016-07-31 19:01 35328 ----a-w- c:\windows\system32\drivers\sncduvc.sys
2016-07-31 19:01 . 2016-07-31 19:01 307712 ----a-w- c:\windows\SysWow64\vsnp2uvc.dll
2016-07-31 19:01 . 2016-07-31 19:01 2401307 ----a-w- c:\windows\snuninst.exe
2016-07-31 19:01 . 2016-07-31 19:01 238592 ----a-w- c:\windows\system32\csnp2uvc.dll
2016-07-31 18:59 . 2016-07-31 18:59 27552 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2016-07-26 12:24 . 2016-01-15 14:57 504488 ------w- c:\windows\system32\MpSigStub.exe
2016-07-21 19:20 . 2016-01-16 20:17 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-07-12 17:53 . 2016-03-13 16:07 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-07-12 17:53 . 2016-03-13 16:07 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Viber"="c:\users\Skuuteer\AppData\Local\Viber\Viber.exe" [2016-08-10 72586832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-01-13 7109248]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2014-02-18 1193352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h [2016-1-22 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x]
R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
R4 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R4 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager;c:\program files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [x]
R4 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x]
R4 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 GibbsRLMServer;GibbsRLMServer;c:\program files\Gibbs\RLMServer\rlm.exe;c:\program files\Gibbs\RLMServer\rlm.exe [x]
S2 hasplms;Sentinel LDK License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-09-22 17:27 1267528 ----a-w- c:\program files (x86)\Google\Chrome\Application\53.0.2785.116\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-06-30 11:55 322232 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2016-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-13 17:53]
.
2016-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 17:32]
.
2016-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 17:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-06-14 2397120]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-06-14 1767944]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-09-23 170256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.20.254 8.8.8.8
FF - ProfilePath - c:\users\Skuuteer\AppData\Roaming\Mozilla\Firefox\Profiles\9efujxj7.default-1474474262335\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3122661 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3127233 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3136000v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3142037 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3143693 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3164025 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3179949 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-Viber - c:\users\Skuuteer\AppData\Local\Viber\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3351185126-2454618975-1233198843-1001\Software\SecuROM\License information*]
"datasecu"=hex:36,7c,96,38,cd,1d,ff,99,a8,f4,a8,c7,85,55,d4,89,7a,ac,97,4f,1e,
d7,f8,c4,14,9f,6f,c0,5d,f9,85,75,fe,79,ae,1c,d1,56,fb,e6,1c,fe,07,3b,31,df,\
"rkeysecu"=hex:52,b2,24,89,d8,60,9b,e4,cd,b4,4e,02,0e,61,31,d8
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-09-25 19:41:59
ComboFix-quarantined-files.txt 2016-09-25 17:41
.
Pre-Run: 22 195 081 216 bytes free
Post-Run: 22 960 308 224 bytes free
.
- - End Of File - - F750EA99E0DD6A240E55829BAA3CE93F
A36C5E4F47E84449FF07ED3517B43A31
Re: Log check
If you have not done so already, move ComboFix to the desktop.
Open Notepad
and copy the script from the following box into it:
Code:
File::
c:\program files (x86)\GUT432A.tmp
c:\program files (x86)\GUM4329.tmp
RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
Save the TXT file you created as CFScript.txt on the desktop.
After saving, grab the script you created with the left mouse button, drag it over the ComboFix icon and drop it there.

After it has been applied, another log will come out; copy it here.
Warning: it may happen that Windows does not start after the script is applied and the machine restarts;
in that case restart again while pressing F8, then choose Last Known Good Configuration.
Re: Log check
ComboFix 16-09-22.01 - Skuuteer . 09. 2016 18:52:09.3.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3886.2217 [GMT 2:00]
Running from: c:\users\Skuuteer\Downloads\ComboFix.exe
Command switches used :: c:\users\Skuuteer\Desktop\CFScript.txt.txt
AV: ESET Smart Security 9.0.351.2 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personálny firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 9.0.376.1 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\program files (x86)\GUM4329.tmp"
"c:\program files (x86)\GUT432A.tmp"
.
.
((((((((((((((((((((((((( Files Created from 2016-08-27 to 2016-09-27 )))))))))))))))))))))))))))))))
.
.
2016-09-27 16:57 . 2016-09-27 16:57 -------- d-----w- c:\users\Guest\AppData\Local\temp
2016-09-27 16:57 . 2016-09-27 16:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-09-27 14:07 . 2016-09-27 14:07 -------- d-----w- c:\users\Skuuteer\.oracle_jre_usage
2016-09-23 17:08 . 2016-09-15 01:18 12030488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{932208AB-6A86-4ED3-B9BF-CCE537568060}\mpengine.dll
2016-09-22 18:47 . 2016-09-22 18:47 -------- d-----w- C:\_OTM
2016-09-22 18:39 . 2016-09-22 18:42 -------- d-----w- C:\AdwCleaner
2016-09-22 17:33 . 2016-09-22 17:33 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2016-09-22 17:24 . 2016-09-22 17:24 6103040 ----a-w- c:\program files (x86)\GUT432A.tmp
2016-09-22 17:24 . 2016-09-22 17:24 -------- d-----w- c:\program files (x86)\GUM4329.tmp
2016-09-22 17:22 . 2016-08-05 15:30 2048 ----a-w- c:\windows\system32\tzres.dll
2016-09-22 17:22 . 2016-08-05 15:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-09-21 15:46 . 2016-09-21 15:46 290304 ----a-w- c:\windows\SysWow64\subinacl.exe
2016-09-21 15:46 . 2016-09-21 15:46 -------- d-----w- c:\program files (x86)\Adware Removal Tool by TSA
2016-09-20 18:03 . 2016-09-21 16:24 -------- d-----w- c:\program files\trend micro
2016-09-20 18:03 . 2016-09-20 18:03 -------- d-----w- C:\rsit
2016-09-15 12:35 . 2016-09-15 12:36 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2016-09-15 11:53 . 2016-07-07 15:36 1896168 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-09-15 11:53 . 2016-07-07 15:36 377576 ----a-w- c:\windows\system32\drivers\netio.sys
2016-09-15 11:53 . 2016-07-07 15:36 287976 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-09-15 11:53 . 2016-07-07 15:08 46080 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2016-09-15 11:53 . 2016-07-01 15:31 976896 ----a-w- c:\windows\system32\inetcomm.dll
2016-09-15 11:53 . 2016-07-01 15:31 84480 ----a-w- c:\windows\system32\INETRES.dll
2016-09-15 11:53 . 2016-07-01 15:13 84480 ----a-w- c:\windows\SysWow64\INETRES.dll
2016-09-15 11:53 . 2016-07-01 15:13 741888 ----a-w- c:\windows\SysWow64\inetcomm.dll
2016-09-15 11:53 . 2016-08-16 17:36 1009152 ----a-w- c:\windows\system32\user32.dll
2016-09-15 11:53 . 2016-08-16 02:48 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-09-15 11:53 . 2016-08-16 02:35 3218432 ----a-w- c:\windows\system32\win32k.sys
2016-09-15 11:51 . 2016-08-06 15:31 877056 ----a-w- c:\windows\system32\oleaut32.dll
2016-09-15 11:51 . 2016-08-06 15:15 581632 ----a-w- c:\windows\SysWow64\oleaut32.dll
2016-09-12 19:17 . 2016-09-12 19:17 -------- d-----w- c:\programdata\Productec
2016-09-12 19:08 . 2016-09-12 19:08 -------- d-----w- c:\program files (x86)\Common Files\GibbsCAM Shared
2016-09-12 19:07 . 2016-09-12 19:08 -------- d-----w- c:\program files\Common Files\GibbsCAM Shared
2016-09-12 19:00 . 2016-09-12 19:00 -------- d-----w- c:\program files (x86)\Common Files\IObit
2016-09-12 18:54 . 2016-09-12 19:02 -------- d-----w- c:\program files (x86)\Mycover
2016-09-11 16:23 . 2016-09-15 12:08 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\tor
2016-09-11 16:23 . 2016-09-11 17:22 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\WinDefenderModule
2016-09-11 09:15 . 2016-09-15 11:34 -------- d-----w- c:\program files (x86)\Rockstar Games
2016-09-11 09:15 . 2016-09-15 11:34 -------- d-----w- c:\program files\Rockstar Games
2016-09-06 15:49 . 2016-09-06 15:49 -------- d--h--r- c:\users\Skuuteer\AppData\Roaming\SecuROM
2016-09-05 18:30 . 2016-09-22 17:20 -------- d-----w- c:\users\Skuuteer\AppData\Local\CrashDumps
2016-08-31 19:52 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\AppData\Roaming\NetBeans
2016-08-31 19:52 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\AppData\Local\NetBeans
2016-08-31 19:49 . 2016-08-31 19:51 -------- d-----w- c:\program files\NetBeans 8.1
2016-08-31 19:49 . 2016-08-31 19:52 -------- d-----w- c:\users\Skuuteer\.nbi
2016-08-31 19:41 . 2016-08-31 19:54 -------- d-----w- C:\cygwin64
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-09-21 18:52 . 2016-07-31 18:54 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-09-15 11:54 . 2016-01-15 14:57 144199024 -c--a-w- c:\windows\system32\MRT.exe
2016-09-02 15:30 . 2016-09-15 11:54 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 11:54 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2016-09-02 15:16 . 2016-09-15 11:54 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-09-02 15:16 . 2016-09-15 11:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-08-24 18:33 . 2016-08-24 18:33 348160 ----a-w- c:\windows\SysWow64\Msvcr71.dll
2016-08-24 18:33 . 2016-08-24 18:33 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2016-08-24 18:33 . 2016-08-24 18:33 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2016-08-24 18:31 . 2016-08-24 18:31 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2016-08-24 18:17 . 2016-08-24 18:17 47672 ----a-w- c:\windows\system32\drivers\dtliteusbbus.sys
2016-08-24 18:17 . 2016-08-24 18:17 30264 ----a-w- c:\windows\system32\drivers\dtlitescsibus.sys
2016-08-12 16:46 . 2016-09-22 18:24 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-08-08 06:21 . 2016-08-08 06:21 356352 ----a-w- c:\windows\eSellerateEngine.dll
2016-08-05 13:09 . 2016-08-05 13:09 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll
2016-08-05 13:09 . 2016-08-05 13:09 19104 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll
2016-08-05 13:02 . 2016-08-05 13:02 30400 ----a-w- c:\windows\system32\aspnet_counters.dll
2016-07-31 19:18 . 2016-07-31 19:18 33960 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2016-07-31 19:18 . 2016-07-31 19:18 1795952 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2016-07-31 19:14 . 2016-07-31 19:14 158976 ----a-w- c:\windows\system32\drivers\Impcd.sys
2016-07-31 19:13 . 2016-07-31 19:13 181760 ----a-w- c:\windows\system32\drivers\nusb3xhc.sys
2016-07-31 19:13 . 2016-07-31 19:13 56384 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-07-31 19:13 . 2016-07-31 19:13 102976 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2016-07-31 19:13 . 2016-01-16 19:42 113216 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-07-31 19:08 . 2016-07-31 19:08 68904 ----a-w- c:\windows\system32\drivers\point64.sys
2016-07-31 19:07 . 2016-07-31 19:07 317440 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2016-07-31 19:07 . 2016-07-31 19:07 14848 ----a-w- c:\windows\system32\IntcDAuC.dll
2016-07-31 19:04 . 2016-07-31 19:04 42536 ----a-w- c:\windows\system32\drivers\btcusb.sys
2016-07-31 19:04 . 2016-07-31 19:04 12800 ----a-w- c:\windows\system32\btinstall.dll
2016-07-31 19:03 . 2016-07-31 19:03 129224 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2016-07-31 19:01 . 2016-07-31 19:01 376832 ----a-w- c:\windows\system32\vsnp2uvc.dll
2016-07-31 19:01 . 2016-07-31 19:01 1800832 ----a-w- c:\windows\system32\drivers\snp2uvc.sys
2016-07-31 19:01 . 2016-07-31 19:01 909824 ----a-w- c:\windows\vsnp2uvc.exe
2016-07-31 19:01 . 2016-07-31 19:01 35328 ----a-w- c:\windows\system32\drivers\sncduvc.sys
2016-07-31 19:01 . 2016-07-31 19:01 307712 ----a-w- c:\windows\SysWow64\vsnp2uvc.dll
2016-07-31 19:01 . 2016-07-31 19:01 2401307 ----a-w- c:\windows\snuninst.exe
2016-07-31 19:01 . 2016-07-31 19:01 238592 ----a-w- c:\windows\system32\csnp2uvc.dll
2016-07-31 18:59 . 2016-07-31 18:59 27552 ----a-w- c:\windows\SysWow64\drivers\HWiNFO64A.SYS
2016-07-26 12:24 . 2016-01-15 14:57 504488 ------w- c:\windows\system32\MpSigStub.exe
2016-07-21 19:20 . 2016-01-16 20:17 97856 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2016-07-12 17:53 . 2016-03-13 16:07 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-07-12 17:53 . 2016-03-13 16:07 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Viber"="c:\users\Skuuteer\AppData\Local\Viber\Viber.exe" [2016-08-10 72586832]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-01-13 7109248]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-01-05 170624]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-10-21 106496]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-06-22 598552]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2014-02-18 1193352]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h [2016-1-22 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;c:\windows\system32\DRIVERS\dtliteusbbus.sys;c:\windows\SYSNATIVE\DRIVERS\dtliteusbbus.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 AdAppMgrSvc;Autodesk Application Manager Service;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe ;c:\program files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [x]
R4 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
R4 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R4 mitsijm2015;Autodesk Simulation Moldflow MITSI 2015 Job Manager;c:\program files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe;c:\program files\Autodesk\Inventor 2015\Moldflow\bin\mitsijm.exe [x]
R4 SentinelKeysServer;Sentinel Keys Server;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [x]
R4 SentinelSecurityRuntime;Sentinel Security Runtime;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe;c:\program files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;ESET Personal Firewall;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekbdflt;ekbdflt;c:\windows\system32\DRIVERS\ekbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\ekbdflt.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 GibbsRLMServer;GibbsRLMServer;c:\program files\Gibbs\RLMServer\rlm.exe;c:\program files\Gibbs\RLMServer\rlm.exe [x]
S2 hasplms;Sentinel LDK License Manager;c:\windows\system32\hasplms.exe -run;c:\windows\SYSNATIVE\hasplms.exe -run [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys;c:\windows\SYSNATIVE\Drivers\Sentinel64.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Zvuk pre obrazovky;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-09-22 17:27 1267528 ----a-w- c:\program files (x86)\Google\Chrome\Application\53.0.2785.116\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-06-30 11:55 322232 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
Contents of the 'Scheduled Tasks' folder
.
2016-09-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-13 17:53]
.
2016-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 17:32]
.
2016-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-01-15 17:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveBlacklisted]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSynced]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ GoogleDriveSyncing]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2016-07-29 07:34 774104 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-06-14 2397120]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-06-14 1767944]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-09-23 170256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.20.254 8.8.8.8
FF - ProfilePath - c:\users\Skuuteer\AppData\Roaming\Mozilla\Firefox\Profiles\9efujxj7.default-1474474262335\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3122661 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3127233 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3136000v2 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3142037 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3143693 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3164025 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3179949 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.6.01055\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3351185126-2454618975-1233198843-1001\Software\SecuROM\License information*]
"datasecu"=hex:36,7c,96,38,cd,1d,ff,99,a8,f4,a8,c7,85,55,d4,89,7a,ac,97,4f,1e,
d7,f8,c4,14,9f,6f,c0,5d,f9,85,75,fe,79,ae,1c,d1,56,fb,e6,1c,fe,07,3b,31,df,\
"rkeysecu"=hex:52,b2,24,89,d8,60,9b,e4,cd,b4,4e,02,0e,61,31,d8
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
Completion time: 2016-09-27 18:59:40
ComboFix-quarantined-files.txt 2016-09-27 16:59
ComboFix2.txt 2016-09-25 17:42
.
Pre-Run: 23 252 889 600 bytes free
Post-Run: 22 913 421 312 bytes free
.
- - End Of File - - 1048948ABE6E8617B4D07BE291F51B78
A36C5E4F47E84449FF07ED3517B43A31
Re: Log check
I tried to replace the battery, but I couldn't get to it; I won't manage it on my own. But my question for you is:
If the battery is dead, shouldn't the date and time in the BIOS be wrong as well?
Because both the time and the date in the BIOS match the system clock, i.e. the real time.
Re: Log check
Via Start >> Run, copy the following into the window:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes the files and folders associated with it.
Use T-Cleaner, which deletes any leftovers from the applications we used.
Just stop your antivirus before downloading it and while using it, because the antivirus may detect it as a virus, but that is not the case.
magi151 wrote:
Snažil som sa vymeniť tú baterku... (I tried to replace the battery, but I couldn't get to it; I won't manage it on my own. But my question for you is:
If the battery is dead, shouldn't the date and time in the BIOS be wrong as well?
Because both the time and the date in the BIOS match the system clock, i.e. the real time.)
Yes, with a dead battery the date will be wrong after the first power-on (for example the next day); after connecting to the internet it should update. If the browsers still throw the error even after the time has been updated, the problem will be in the registry.
Re: Log check
OK, ComboFix is uninstalled, T-Cleaner removed the rest.
- Yes, I tried checking the time and date in the BIOS on a day when I had not yet turned the notebook on, and it matched the system time.
Re: Log check
In that case, as I wrote, the registry is probably damaged; I would try restoring it via the Import function to a point when everything worked.
Its backup is here - Windows\System32\Config\Regback