Logfile of random's system information tool 1.14 (written by random/random)
Run by xy at 2017-01-28 18:46:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 29 GB (24%) free of 119 GB
Total RAM: 4061 MB (61% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:46:04, on 28.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\xy_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O2 - BHO: Search App by Ask BHO - {4F524A2D-5350-4500-76A7-7A786E7484D7} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - (no file)
O3 - Toolbar: (no name) - {4F524A2D-5350-4500-76A7-7A786E7484D7} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [pdfSaver3] "c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: @Sky video link.lnk = C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~2\Crawler\Toolbar\ctbr.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Amazon 1Button App Service - Unknown owner - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer Wrapper TrueKey (InstallerWrapperService) - McAfee, Inc. - C:\Program Files\TrueKey\InstallerWrapperService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11996 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\PixArt\Pac7302\Monitor.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\xy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "44800458-581480966-2140005848-2097469550-242431170-1597775061008740300-711306297
"C:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
"C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe" "C:\Program Files (x86)\ATSKY\@Sky video link\Navigator\Main.htm"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7d6d678d-dc48-4f5b-b1ca-f9173af39d66 -SystemEventPortName:HostProcess-a54062f0-f4b6-43b7-a044-ad0393b445c2 -IoCancelEventPortName:HostProcess-8c3cf6b5-9503-4f2a-a2f2-33e21f808c23 -NonStateChangingEventPortName:HostProcess-468dce64-fd36-49fc-836f-d08124abe1e7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:f6ad27d0-03cd-4bf2-8312-d38bfa4f968a -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3264 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3264 CREDAT:660756 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3264 CREDAT:1119661 /prefetch:2
C:\Windows\system32\AUDIODG.EXE 0x808
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\xy\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Windows\system32\tasks\ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\tasks\ASUS P4G - C:\Program Files\P4G\BatteryLife.exe
C:\Windows\system32\tasks\ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\tasks\ASUSControlDeck - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\P4GIntlCtrl - C:\Program Files\P4G\IntlCtrl.exe /DisableDPST
C:\Windows\system32\tasks\WC3 - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\system32\tasks\{054C4B33-BE6F-4BC9-B1C0-8DBE0279645B} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\1\iview430_setup.exe -d C:\Users\xy\Desktop\1
C:\Windows\system32\tasks\{3B5CCC1D-DBD3-47E8-A809-3EAB4E425E40} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\irfanviewcestina.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{5C7389D1-9338-4704-A529-D1DF652C0B0F} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huffyuvSetup.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{81909028-B7A9-4002-94B7-D2FB3D426A01} - C:\Windows\system32\pcalua.exe -a "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02\DXSETUP.exe" -d "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02"
C:\Windows\system32\tasks\{DBA1D713-F717-4695-8064-E2A80B778D81} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huawei_driver.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2887688111-4091793534-1823414437-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Google Chrome=========
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension jogjmeegdjegaoilmiinaplaljoglcnm 0 Link to file on GD 0.3
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nkpcdamhlccefaoghpnhbneneccgjifm 0 Sound off in tabs 0.9
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-12-25 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-10-03 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-25 234560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~2\Crawler\Toolbar\ctbr.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-10-03 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{4F524A2D-5350-4500-76A7-7A786E7484D7}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
{4F524A2D-5350-4500-76A7-7A786E7484D7}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nero MediaHome 4"=C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe /AUTORUN []
"ICQ"=C:\Program Files (x86)\ICQ7.7\ICQ.exe silent loginmode=4 []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017-01-10 7943072]
"cz.seznam.software.autoupdate"=C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"pdfSaver3"=c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-25 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-10-26 74752]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-09 4085896]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"pdfSaver3"= []
"602PC SUITE PDF Saver"=C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe [2005-08-31 49152]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
@Sky video link.lnk - C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-28 18:00:57 ----D---- C:\rsit
2017-01-28 18:00:57 ----D---- C:\Program Files\trend micro
2017-01-28 14:20:10 ----A---- C:\AVScanner.ini
2017-01-28 14:13:49 ----D---- C:\ProgramData\McAfee
2017-01-28 14:13:38 ----D---- C:\Program Files\TrueKey
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iertutil.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\inseng.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-01-25 23:27:29 ----A---- C:\Windows\system32\UtcResources.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-01-25 23:27:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-25 23:27:27 ----A---- C:\Windows\system32\occache.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\urlmon.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\iedkcs32.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-25 23:27:25 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\dxtrans.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\diagtrack.dll
2017-01-25 23:27:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-25 23:27:24 ----A---- C:\Windows\system32\iesetup.dll
2017-01-25 23:27:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\vbscript.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\jsproxy.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\ieUnatt.exe
2017-01-25 23:27:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\ieui.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\dxtmsft.dll
2017-01-25 23:27:18 ----A---- C:\Windows\system32\ieframe.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\webcheck.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmled.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript9diag.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\wininet.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\jscript9.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\msrating.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-01-25 23:27:14 ----A---- C:\Windows\system32\mshtml.dll
2017-01-25 23:27:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-01-25 23:27:10 ----A---- C:\Windows\system32\win32k.sys
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-01-25 23:27:09 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\ntdll.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\lsasrv.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\winload.exe
2017-01-25 23:27:06 ----A---- C:\Windows\system32\rpcrt4.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\oleaut32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\advapi32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\schannel.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\msctf.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kernel32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kerberos.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\KernelBase.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\system32\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wow64win.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wintrust.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\user32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\gdi32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\clfs.sys
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\usp10.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\srcore.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-25 23:27:01 ----A---- C:\Windows\system32\cryptnet.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\conhost.exe
2017-01-25 23:27:01 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\winsrv.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\rpchttp.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\msiexec.exe
2017-01-25 23:27:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-01-25 23:26:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\wow64.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\ncrypt.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\consent.exe
2017-01-25 23:26:59 ----A---- C:\Windows\system32\certcli.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\bcdedit.exe
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-01-25 23:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-01-25 23:26:58 ----A---- C:\Windows\system32\adtschema.dll
2017-01-25 23:26:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-01-25 23:26:57 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\wdigest.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\TSpkg.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\drivers\appid.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appinfo.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appidsvc.dll
2017-01-25 23:26:55 ----A---- C:\Windows\system32\appidapi.dll
2017-01-25 23:26:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\smss.exe
2017-01-25 23:26:53 ----A---- C:\Windows\system32\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-01-25 23:26:53 ----A---- C:\Windows\system32\csrsrv.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\secur32.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\rstrui.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\msihnd.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\lsass.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\cryptbase.dll
2017-01-25 23:26:50 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\ntvdm64.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\auditpol.exe
2017-01-25 23:26:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-01-25 23:26:49 ----A---- C:\Windows\system32\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\credssp.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\sspisrv.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\lpk.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\atmlib.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\wow64cpu.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\fontsub.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-01-25 23:26:44 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\user.exe
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\INETRES.dll
2017-01-22 17:28:01 ----A---- C:\Windows\Reimage.ini
======List of files/folders modified in the last 1 month======
2017-01-28 18:39:23 ----D---- C:\Windows\tracing
2017-01-28 18:03:44 ----D---- C:\Windows\Prefetch
2017-01-28 18:00:57 ----D---- C:\Program Files
2017-01-28 17:10:27 ----D---- C:\Windows\Temp
2017-01-28 16:26:54 ----D---- C:\Windows\system32\config
2017-01-28 16:15:19 ----D---- C:\Users\xy\AppData\Roaming\Seznam.cz
2017-01-28 16:10:16 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-01-28 16:10:03 ----D---- C:\Windows\system32\Tasks
2017-01-28 14:20:10 ----RD---- C:\Program Files (x86)
2017-01-28 14:20:10 ----HD---- C:\ProgramData
2017-01-28 14:20:08 ----D---- C:\Windows\system32\drivers\etc
2017-01-28 14:13:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-28 14:13:26 ----D---- C:\Windows\system32\Macromed
2017-01-28 14:13:24 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-28 07:59:37 ----SHD---- C:\Windows\Installer
2017-01-28 07:59:30 ----D---- C:\Program Files (x86)\Google
2017-01-27 12:38:42 ----SHD---- C:\System Volume Information
2017-01-27 11:32:25 ----D---- C:\Users\xy\AppData\Roaming\ICQ
2017-01-27 10:34:05 ----D---- C:\Users\xy\AppData\Roaming\vlc
2017-01-26 18:27:14 ----D---- C:\Windows\rescache
2017-01-26 17:41:01 ----D---- C:\Windows\System32
2017-01-26 17:41:01 ----D---- C:\Windows\inf
2017-01-26 17:41:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-26 10:54:16 ----D---- C:\Windows\Microsoft.NET
2017-01-26 10:53:34 ----RSD---- C:\Windows\assembly
2017-01-25 23:49:41 ----D---- C:\Windows\winsxs
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\migration
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-25 23:45:46 ----D---- C:\Program Files\Internet Explorer
2017-01-25 23:45:46 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-25 23:45:45 ----D---- C:\Windows\SYSWOW64\en-US
2017-01-25 23:45:45 ----D---- C:\Windows\SysWOW64
2017-01-25 23:45:44 ----D---- C:\Windows\system32\migration
2017-01-25 23:45:44 ----D---- C:\Windows\system32\drivers
2017-01-25 23:45:44 ----D---- C:\Windows\system32\cs-CZ
2017-01-25 23:45:43 ----D---- C:\Windows\system32\en-US
2017-01-25 23:45:41 ----SD---- C:\ProgramData\Microsoft
2017-01-25 23:45:41 ----D---- C:\Windows\system32\Boot
2017-01-25 23:45:41 ----D---- C:\Windows\AppPatch
2017-01-25 23:33:31 ----D---- C:\Windows\system32\MRT
2017-01-25 23:29:05 ----AC---- C:\Windows\system32\MRT.exe
2017-01-25 23:18:43 ----D---- C:\Windows\system32\catroot2
2017-01-23 17:36:21 ----SHD---- C:\$Recycle.Bin
2017-01-22 19:08:57 ----D---- C:\Downloads
2017-01-22 17:28:01 ----D---- C:\Windows
2017-01-12 08:06:18 ----D---- C:\Program Files\SUPERAntiSpyware
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-25 35384]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-03 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-09 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-09 427360]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-03 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-03 92008]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 PAC7302;FaceCam 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-10-03 172344]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-10-03 50344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 Amazon 1Button App Service;Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S2 InstallerWrapperService;Service Installer Wrapper TrueKey; C:\Program Files\TrueKey\InstallerWrapperService.exe [2016-07-19 47688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-28 270936]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-11-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-02 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
# AdwCleaner v6.043 - Log vytvořen 29/01/2017 v 20:17:21
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-01-28.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : xy - XY-PC
# Spuštěno z : C:\Users\xy\Desktop\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: Amazon 1Button App Service
***** [ Složky ] *****
[-] Složka smazána: C:\Users\xy\AppData\Local\AskPartnerNetwork
[-] Složka smazána: C:\Users\xy\AppData\Roaming\OpenCandy
[-] Složka smazána: C:\ProgramData\apn
[-] Složka smazána: C:\ProgramData\AskPartnerNetwork
[-] Složka smazána: C:\ProgramData\ICQ\ICQToolbar
[-] Složka smazána: C:\ProgramData\ICQ\ICQNewTab
[#] Složka smazána po restartu: C:\ProgramData\Application Data\apn
[#] Složka smazána po restartu: C:\ProgramData\Application Data\AskPartnerNetwork
[#] Složka smazána po restartu: C:\ProgramData\Application Data\ICQ\ICQToolbar
[#] Složka smazána po restartu: C:\ProgramData\Application Data\ICQ\ICQNewTab
[-] Složka smazána: C:\Program Files (x86)\AskPartnerNetwork
[-] Složka smazána: C:\Program Files (x86)\Crawler
[-] Složka smazána: C:\Users\xy\AppData\Local\Temp\apn
***** [ Soubory ] *****
[-] Soubor smazán: C:\Windows\Reimage.ini
[-] Soubor smazán: C:\Users\xy\AppData\Local\Temp\reimage.log
[-] Soubor smazán: C:\Users\xy\AppData\Local\Temp\ReimagePackage.exe
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Více produktů Crawler.lnk
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ctbr.R404Pro
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ctbr.R404Pro
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5350-4500-76A7-7A786E7484D7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}
[-] Klíč smazán: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5350-4500-76A7-7A786E7484D7}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\AskPartnerNetwork
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\CToolbar
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\distromatic
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Reimage
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Mail.Ru
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\CToolbar
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\ICQ\ICQToolbar
[#] Klíč smazán po restartu: HKCU\Software\AskPartnerNetwork
[#] Klíč smazán po restartu: HKCU\Software\CToolbar
[#] Klíč smazán po restartu: HKCU\Software\distromatic
[#] Klíč smazán po restartu: HKCU\Software\Reimage
[#] Klíč smazán po restartu: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartu: HKCU\Software\Mail.Ru
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Klíč smazán: HKLM\SOFTWARE\CToolbar
[-] Klíč smazán: HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Klíč smazán: HKLM\SOFTWARE\Mail.Ru
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1002}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\CToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\ICQ\ICQToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\AskPartnerNetwork
[#] Klíč smazán po restartu: [x64] HKCU\Software\CToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\distromatic
[#] Klíč smazán po restartu: [x64] HKCU\Software\Reimage
[#] Klíč smazán po restartu: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartu: [x64] HKCU\Software\Mail.Ru
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Klíč smazán: [x64] HKLM\SOFTWARE\AskPartnerNetwork
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Reimage
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Data obnovena: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Microsoft\Internet Explorer\SearchScopes\{03A8CC1F-F948-4E6D-8F56-6FDB9E8C4D53}
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{03A8CC1F-F948-4E6D-8F56-6FDB9E8C4D53}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{03A8CC1F-F948-4E6D-8F56-6FDB9E8C4D53}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\icq.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\narodnipokladnice.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televiznicentrum.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\videodownloadconverter.dl.tb.ask.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.narodnipokladnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\icq.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\narodnipokladnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televiznicentrum.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\videodownloadconverter.dl.tb.ask.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.narodnipokladnice.cz
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Klíč smazán: HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [21574 Bajty] - [29/01/2017 20:17:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [21043 Bajty] - [29/01/2017 20:14:26]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [21722 Bajty] ##########
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-01-28.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : xy - XY-PC
# Spuštěno z : C:\Users\xy\Desktop\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: Amazon 1Button App Service
***** [ Složky ] *****
[-] Složka smazána: C:\Users\xy\AppData\Local\AskPartnerNetwork
[-] Složka smazána: C:\Users\xy\AppData\Roaming\OpenCandy
[-] Složka smazána: C:\ProgramData\apn
[-] Složka smazána: C:\ProgramData\AskPartnerNetwork
[-] Složka smazána: C:\ProgramData\ICQ\ICQToolbar
[-] Složka smazána: C:\ProgramData\ICQ\ICQNewTab
[#] Složka smazána po restartu: C:\ProgramData\Application Data\apn
[#] Složka smazána po restartu: C:\ProgramData\Application Data\AskPartnerNetwork
[#] Složka smazána po restartu: C:\ProgramData\Application Data\ICQ\ICQToolbar
[#] Složka smazána po restartu: C:\ProgramData\Application Data\ICQ\ICQNewTab
[-] Složka smazána: C:\Program Files (x86)\AskPartnerNetwork
[-] Složka smazána: C:\Program Files (x86)\Crawler
[-] Složka smazána: C:\Users\xy\AppData\Local\Temp\apn
***** [ Soubory ] *****
[-] Soubor smazán: C:\Windows\Reimage.ini
[-] Soubor smazán: C:\Users\xy\AppData\Local\Temp\reimage.log
[-] Soubor smazán: C:\Users\xy\AppData\Local\Temp\ReimagePackage.exe
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk
[-] Zástupce vyléčen: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Více produktů Crawler.lnk
***** [ Naplánované úlohy ] *****
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[-] Klíč smazán: HKLM\SOFTWARE\Classes\ctbr.R404Pro
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč smazán: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Klíč smazán: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\ctbr.R404Pro
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{4F524A2D-5350-4500-76A7-7A786E7484D7}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}
[-] Klíč smazán: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5350-4500-76A7-7A786E7484D7}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21FA44EF-376D-4D53-9B0F-8A89D3229068}
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-] Hodnota smazána: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\AskPartnerNetwork
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\CToolbar
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\distromatic
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Reimage
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Mail.Ru
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\CToolbar
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\ICQ\ICQToolbar
[#] Klíč smazán po restartu: HKCU\Software\AskPartnerNetwork
[#] Klíč smazán po restartu: HKCU\Software\CToolbar
[#] Klíč smazán po restartu: HKCU\Software\distromatic
[#] Klíč smazán po restartu: HKCU\Software\Reimage
[#] Klíč smazán po restartu: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartu: HKCU\Software\Mail.Ru
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Klíč smazán: HKLM\SOFTWARE\CToolbar
[-] Klíč smazán: HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Klíč smazán: HKLM\SOFTWARE\Mail.Ru
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C1002}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\CToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\ICQ\ICQToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\AskPartnerNetwork
[#] Klíč smazán po restartu: [x64] HKCU\Software\CToolbar
[#] Klíč smazán po restartu: [x64] HKCU\Software\distromatic
[#] Klíč smazán po restartu: [x64] HKCU\Software\Reimage
[#] Klíč smazán po restartu: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Klíč smazán po restartu: [x64] HKCU\Software\Mail.Ru
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Klíč smazán: [x64] HKLM\SOFTWARE\AskPartnerNetwork
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Reimage
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Data obnovena: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data obnovena: HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data obnovena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Microsoft\Internet Explorer\SearchScopes\{03A8CC1F-F948-4E6D-8F56-6FDB9E8C4D53}
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Klíč smazán: HKU\S-1-5-21-2887688111-4091793534-1823414437-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{03A8CC1F-F948-4E6D-8F56-6FDB9E8C4D53}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[#] Klíč smazán po restartu: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{03A8CC1F-F948-4E6D-8F56-6FDB9E8C4D53}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\icq.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\narodnipokladnice.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televiznicentrum.cz
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\videodownloadconverter.dl.tb.ask.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.narodnipokladnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\icq.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akcniceny.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\narodnipokladnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televiznicentrum.cz
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ttdetect.staticimgfarm.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\videodownloadconverter.dl.tb.ask.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.narodnipokladnice.cz
[-] Hodnota smazána: HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Klíč smazán: HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
[-] Klíč smazán: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
***** [ Prohlížeče ] *****
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [21574 Bajty] - [29/01/2017 20:17:21]
C:\AdwCleaner\AdwCleaner[S0].txt - [21043 Bajty] - [29/01/2017 20:14:26]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [21722 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.14 (written by random/random)
Run by xy at 2017-01-29 21:00:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 29 GB (24%) free of 119 GB
Total RAM: 4061 MB (67% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:00:33, on 29.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\xy_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [pdfSaver3] "c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: @Sky video link.lnk = C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer Wrapper TrueKey (InstallerWrapperService) - McAfee, Inc. - C:\Program Files\TrueKey\InstallerWrapperService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10941 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-68a2fb8d-4475-458a-980a-a8aee3cf030f -SystemEventPortName:HostProcess-4ceb974c-7f68-48ff-8322-6e56438f513f -IoCancelEventPortName:HostProcess-24177f52-792c-49da-b0cb-2b31be8a6464 -NonStateChangingEventPortName:HostProcess-cf74cedf-c374-4237-8a27-29bc6e54bc05 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:61af67d0-d18e-4aac-b583-751b7df760e9 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\PixArt\Pac7302\Monitor.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
"C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe" "C:\Program Files (x86)\ATSKY\@Sky video link\Navigator\Main.htm"
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Users\xy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
\??\C:\Windows\system32\conhost.exe "-1252781201-117134277-593723252-478134225-897471015-1907998035794889908-107909241
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4288 CREDAT:3347764 /prefetch:2
C:\Windows\system32\AUDIODG.EXE 0x644
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\xy\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Windows\system32\tasks\ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\tasks\ASUS P4G - C:\Program Files\P4G\BatteryLife.exe
C:\Windows\system32\tasks\ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\tasks\ASUSControlDeck - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\P4GIntlCtrl - C:\Program Files\P4G\IntlCtrl.exe /DisableDPST
C:\Windows\system32\tasks\WC3 - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\system32\tasks\{054C4B33-BE6F-4BC9-B1C0-8DBE0279645B} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\1\iview430_setup.exe -d C:\Users\xy\Desktop\1
C:\Windows\system32\tasks\{3B5CCC1D-DBD3-47E8-A809-3EAB4E425E40} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\irfanviewcestina.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{5C7389D1-9338-4704-A529-D1DF652C0B0F} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huffyuvSetup.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{81909028-B7A9-4002-94B7-D2FB3D426A01} - C:\Windows\system32\pcalua.exe -a "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02\DXSETUP.exe" -d "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02"
C:\Windows\system32\tasks\{DBA1D713-F717-4695-8064-E2A80B778D81} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huawei_driver.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2887688111-4091793534-1823414437-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Google Chrome=========
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension jogjmeegdjegaoilmiinaplaljoglcnm 0 Link to file on GD 0.3
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nkpcdamhlccefaoghpnhbneneccgjifm 0 Sound off in tabs 0.9
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-12-25 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-10-03 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-25 234560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-10-03 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{4F524A2D-5350-4500-76A7-7A786E7484D7}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nero MediaHome 4"=C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe /AUTORUN []
"ICQ"=C:\Program Files (x86)\ICQ7.7\ICQ.exe silent loginmode=4 []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017-01-10 7943072]
"cz.seznam.software.autoupdate"=C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"pdfSaver3"=c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-25 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-10-26 74752]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-09 4085896]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"pdfSaver3"= []
"602PC SUITE PDF Saver"=C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe [2005-08-31 49152]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
@Sky video link.lnk - C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-29 20:09:04 ----D---- C:\AdwCleaner
2017-01-28 18:00:57 ----D---- C:\rsit
2017-01-28 18:00:57 ----D---- C:\Program Files\trend micro
2017-01-28 14:20:10 ----A---- C:\AVScanner.ini
2017-01-28 14:13:49 ----D---- C:\ProgramData\McAfee
2017-01-28 14:13:38 ----D---- C:\Program Files\TrueKey
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iertutil.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\inseng.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-01-25 23:27:29 ----A---- C:\Windows\system32\UtcResources.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-01-25 23:27:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-25 23:27:27 ----A---- C:\Windows\system32\occache.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\urlmon.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\iedkcs32.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-25 23:27:25 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\dxtrans.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\diagtrack.dll
2017-01-25 23:27:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-25 23:27:24 ----A---- C:\Windows\system32\iesetup.dll
2017-01-25 23:27:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\vbscript.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\jsproxy.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\ieUnatt.exe
2017-01-25 23:27:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\ieui.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\dxtmsft.dll
2017-01-25 23:27:18 ----A---- C:\Windows\system32\ieframe.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\webcheck.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmled.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript9diag.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\wininet.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\jscript9.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\msrating.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-01-25 23:27:14 ----A---- C:\Windows\system32\mshtml.dll
2017-01-25 23:27:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-01-25 23:27:10 ----A---- C:\Windows\system32\win32k.sys
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-01-25 23:27:09 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\ntdll.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\lsasrv.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\winload.exe
2017-01-25 23:27:06 ----A---- C:\Windows\system32\rpcrt4.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\oleaut32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\advapi32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\schannel.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\msctf.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kernel32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kerberos.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\KernelBase.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\system32\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wow64win.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wintrust.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\user32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\gdi32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\clfs.sys
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\usp10.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\srcore.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-25 23:27:01 ----A---- C:\Windows\system32\cryptnet.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\conhost.exe
2017-01-25 23:27:01 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\winsrv.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\rpchttp.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\msiexec.exe
2017-01-25 23:27:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-01-25 23:26:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\wow64.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\ncrypt.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\consent.exe
2017-01-25 23:26:59 ----A---- C:\Windows\system32\certcli.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\bcdedit.exe
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-01-25 23:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-01-25 23:26:58 ----A---- C:\Windows\system32\adtschema.dll
2017-01-25 23:26:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-01-25 23:26:57 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\wdigest.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\TSpkg.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\drivers\appid.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appinfo.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appidsvc.dll
2017-01-25 23:26:55 ----A---- C:\Windows\system32\appidapi.dll
2017-01-25 23:26:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\smss.exe
2017-01-25 23:26:53 ----A---- C:\Windows\system32\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-01-25 23:26:53 ----A---- C:\Windows\system32\csrsrv.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\secur32.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\rstrui.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\msihnd.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\lsass.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\cryptbase.dll
2017-01-25 23:26:50 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\ntvdm64.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\auditpol.exe
2017-01-25 23:26:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-01-25 23:26:49 ----A---- C:\Windows\system32\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\credssp.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\sspisrv.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\lpk.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\atmlib.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\wow64cpu.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\fontsub.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-01-25 23:26:44 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\user.exe
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\INETRES.dll
======List of files/folders modified in the last 1 month======
2017-01-29 20:53:55 ----D---- C:\Windows\Temp
2017-01-29 20:35:58 ----D---- C:\Windows\system32\config
2017-01-29 20:26:51 ----D---- C:\Users\xy\AppData\Roaming\Seznam.cz
2017-01-29 20:22:39 ----D---- C:\Windows\Prefetch
2017-01-29 20:21:43 ----D---- C:\Windows\system32\Tasks
2017-01-29 20:16:58 ----D---- C:\Windows
2017-01-29 20:16:55 ----RD---- C:\Program Files (x86)
2017-01-29 20:16:49 ----D---- C:\ProgramData\ICQ
2017-01-29 20:16:46 ----HD---- C:\ProgramData
2017-01-29 20:11:29 ----D---- C:\Windows\tracing
2017-01-28 18:00:57 ----D---- C:\Program Files
2017-01-28 16:10:16 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-01-28 14:20:08 ----D---- C:\Windows\system32\drivers\etc
2017-01-28 14:13:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-28 14:13:26 ----D---- C:\Windows\system32\Macromed
2017-01-28 14:13:24 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-28 07:59:37 ----SHD---- C:\Windows\Installer
2017-01-28 07:59:30 ----D---- C:\Program Files (x86)\Google
2017-01-27 12:38:42 ----SHD---- C:\System Volume Information
2017-01-27 11:32:25 ----D---- C:\Users\xy\AppData\Roaming\ICQ
2017-01-27 10:34:05 ----D---- C:\Users\xy\AppData\Roaming\vlc
2017-01-26 18:27:14 ----D---- C:\Windows\rescache
2017-01-26 17:41:01 ----D---- C:\Windows\System32
2017-01-26 17:41:01 ----D---- C:\Windows\inf
2017-01-26 17:41:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-26 10:54:16 ----D---- C:\Windows\Microsoft.NET
2017-01-26 10:53:34 ----RSD---- C:\Windows\assembly
2017-01-25 23:49:41 ----D---- C:\Windows\winsxs
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\migration
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-25 23:45:46 ----D---- C:\Program Files\Internet Explorer
2017-01-25 23:45:46 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-25 23:45:45 ----D---- C:\Windows\SYSWOW64\en-US
2017-01-25 23:45:45 ----D---- C:\Windows\SysWOW64
2017-01-25 23:45:44 ----D---- C:\Windows\system32\migration
2017-01-25 23:45:44 ----D---- C:\Windows\system32\drivers
2017-01-25 23:45:44 ----D---- C:\Windows\system32\cs-CZ
2017-01-25 23:45:43 ----D---- C:\Windows\system32\en-US
2017-01-25 23:45:41 ----SD---- C:\ProgramData\Microsoft
2017-01-25 23:45:41 ----D---- C:\Windows\system32\Boot
2017-01-25 23:45:41 ----D---- C:\Windows\AppPatch
2017-01-25 23:33:31 ----D---- C:\Windows\system32\MRT
2017-01-25 23:29:05 ----AC---- C:\Windows\system32\MRT.exe
2017-01-25 23:18:43 ----D---- C:\Windows\system32\catroot2
2017-01-23 17:36:21 ----SHD---- C:\$Recycle.Bin
2017-01-22 19:08:57 ----D---- C:\Downloads
2017-01-12 08:06:18 ----D---- C:\Program Files\SUPERAntiSpyware
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-25 35384]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-03 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-09 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-09 427360]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-03 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-03 92008]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 PAC7302;FaceCam 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-10-03 172344]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-10-03 50344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S2 InstallerWrapperService;Service Installer Wrapper TrueKey; C:\Program Files\TrueKey\InstallerWrapperService.exe [2016-07-19 47688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-28 270936]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-11-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-02 1255736]
-----------------EOF-----------------
Run by xy at 2017-01-29 21:00:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 29 GB (24%) free of 119 GB
Total RAM: 4061 MB (67% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:00:33, on 29.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\xy_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [pdfSaver3] "c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: @Sky video link.lnk = C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer Wrapper TrueKey (InstallerWrapperService) - McAfee, Inc. - C:\Program Files\TrueKey\InstallerWrapperService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10941 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
"C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-68a2fb8d-4475-458a-980a-a8aee3cf030f -SystemEventPortName:HostProcess-4ceb974c-7f68-48ff-8322-6e56438f513f -IoCancelEventPortName:HostProcess-24177f52-792c-49da-b0cb-2b31be8a6464 -NonStateChangingEventPortName:HostProcess-cf74cedf-c374-4237-8a27-29bc6e54bc05 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:61af67d0-d18e-4aac-b583-751b7df760e9 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\PixArt\Pac7302\Monitor.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
"C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe" "C:\Program Files (x86)\ATSKY\@Sky video link\Navigator\Main.htm"
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Users\xy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
\??\C:\Windows\system32\conhost.exe "-1252781201-117134277-593723252-478134225-897471015-1907998035794889908-107909241
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4288 CREDAT:3347764 /prefetch:2
C:\Windows\system32\AUDIODG.EXE 0x644
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\xy\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Windows\system32\tasks\ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\tasks\ASUS P4G - C:\Program Files\P4G\BatteryLife.exe
C:\Windows\system32\tasks\ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\tasks\ASUSControlDeck - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\P4GIntlCtrl - C:\Program Files\P4G\IntlCtrl.exe /DisableDPST
C:\Windows\system32\tasks\WC3 - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\system32\tasks\{054C4B33-BE6F-4BC9-B1C0-8DBE0279645B} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\1\iview430_setup.exe -d C:\Users\xy\Desktop\1
C:\Windows\system32\tasks\{3B5CCC1D-DBD3-47E8-A809-3EAB4E425E40} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\irfanviewcestina.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{5C7389D1-9338-4704-A529-D1DF652C0B0F} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huffyuvSetup.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{81909028-B7A9-4002-94B7-D2FB3D426A01} - C:\Windows\system32\pcalua.exe -a "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02\DXSETUP.exe" -d "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02"
C:\Windows\system32\tasks\{DBA1D713-F717-4695-8064-E2A80B778D81} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huawei_driver.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2887688111-4091793534-1823414437-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Google Chrome=========
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension jogjmeegdjegaoilmiinaplaljoglcnm 0 Link to file on GD 0.3
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nkpcdamhlccefaoghpnhbneneccgjifm 0 Sound off in tabs 0.9
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-12-25 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-10-03 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-25 234560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-10-03 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{4F524A2D-5350-4500-76A7-7A786E7484D7}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nero MediaHome 4"=C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe /AUTORUN []
"ICQ"=C:\Program Files (x86)\ICQ7.7\ICQ.exe silent loginmode=4 []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017-01-10 7943072]
"cz.seznam.software.autoupdate"=C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"pdfSaver3"=c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-25 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-10-26 74752]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-09 4085896]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"pdfSaver3"= []
"602PC SUITE PDF Saver"=C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe [2005-08-31 49152]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
@Sky video link.lnk - C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-29 20:09:04 ----D---- C:\AdwCleaner
2017-01-28 18:00:57 ----D---- C:\rsit
2017-01-28 18:00:57 ----D---- C:\Program Files\trend micro
2017-01-28 14:20:10 ----A---- C:\AVScanner.ini
2017-01-28 14:13:49 ----D---- C:\ProgramData\McAfee
2017-01-28 14:13:38 ----D---- C:\Program Files\TrueKey
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iertutil.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\inseng.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-01-25 23:27:29 ----A---- C:\Windows\system32\UtcResources.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-01-25 23:27:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-25 23:27:27 ----A---- C:\Windows\system32\occache.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\urlmon.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\iedkcs32.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-25 23:27:25 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\dxtrans.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\diagtrack.dll
2017-01-25 23:27:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-25 23:27:24 ----A---- C:\Windows\system32\iesetup.dll
2017-01-25 23:27:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\vbscript.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\jsproxy.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\ieUnatt.exe
2017-01-25 23:27:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\ieui.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\dxtmsft.dll
2017-01-25 23:27:18 ----A---- C:\Windows\system32\ieframe.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\webcheck.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmled.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript9diag.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\wininet.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\jscript9.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\msrating.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-01-25 23:27:14 ----A---- C:\Windows\system32\mshtml.dll
2017-01-25 23:27:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-01-25 23:27:10 ----A---- C:\Windows\system32\win32k.sys
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-01-25 23:27:09 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\ntdll.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\lsasrv.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\winload.exe
2017-01-25 23:27:06 ----A---- C:\Windows\system32\rpcrt4.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\oleaut32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\advapi32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\schannel.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\msctf.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kernel32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kerberos.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\KernelBase.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\system32\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wow64win.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wintrust.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\user32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\gdi32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\clfs.sys
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\usp10.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\srcore.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-25 23:27:01 ----A---- C:\Windows\system32\cryptnet.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\conhost.exe
2017-01-25 23:27:01 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\winsrv.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\rpchttp.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\msiexec.exe
2017-01-25 23:27:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-01-25 23:26:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\wow64.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\ncrypt.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\consent.exe
2017-01-25 23:26:59 ----A---- C:\Windows\system32\certcli.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\bcdedit.exe
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-01-25 23:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-01-25 23:26:58 ----A---- C:\Windows\system32\adtschema.dll
2017-01-25 23:26:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-01-25 23:26:57 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\wdigest.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\TSpkg.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\drivers\appid.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appinfo.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appidsvc.dll
2017-01-25 23:26:55 ----A---- C:\Windows\system32\appidapi.dll
2017-01-25 23:26:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\smss.exe
2017-01-25 23:26:53 ----A---- C:\Windows\system32\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-01-25 23:26:53 ----A---- C:\Windows\system32\csrsrv.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\secur32.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\rstrui.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\msihnd.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\lsass.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\cryptbase.dll
2017-01-25 23:26:50 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\ntvdm64.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\auditpol.exe
2017-01-25 23:26:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-01-25 23:26:49 ----A---- C:\Windows\system32\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\credssp.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\sspisrv.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\lpk.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\atmlib.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\wow64cpu.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\fontsub.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-01-25 23:26:44 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\user.exe
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\INETRES.dll
======List of files/folders modified in the last 1 month======
2017-01-29 20:53:55 ----D---- C:\Windows\Temp
2017-01-29 20:35:58 ----D---- C:\Windows\system32\config
2017-01-29 20:26:51 ----D---- C:\Users\xy\AppData\Roaming\Seznam.cz
2017-01-29 20:22:39 ----D---- C:\Windows\Prefetch
2017-01-29 20:21:43 ----D---- C:\Windows\system32\Tasks
2017-01-29 20:16:58 ----D---- C:\Windows
2017-01-29 20:16:55 ----RD---- C:\Program Files (x86)
2017-01-29 20:16:49 ----D---- C:\ProgramData\ICQ
2017-01-29 20:16:46 ----HD---- C:\ProgramData
2017-01-29 20:11:29 ----D---- C:\Windows\tracing
2017-01-28 18:00:57 ----D---- C:\Program Files
2017-01-28 16:10:16 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-01-28 14:20:08 ----D---- C:\Windows\system32\drivers\etc
2017-01-28 14:13:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-28 14:13:26 ----D---- C:\Windows\system32\Macromed
2017-01-28 14:13:24 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-28 07:59:37 ----SHD---- C:\Windows\Installer
2017-01-28 07:59:30 ----D---- C:\Program Files (x86)\Google
2017-01-27 12:38:42 ----SHD---- C:\System Volume Information
2017-01-27 11:32:25 ----D---- C:\Users\xy\AppData\Roaming\ICQ
2017-01-27 10:34:05 ----D---- C:\Users\xy\AppData\Roaming\vlc
2017-01-26 18:27:14 ----D---- C:\Windows\rescache
2017-01-26 17:41:01 ----D---- C:\Windows\System32
2017-01-26 17:41:01 ----D---- C:\Windows\inf
2017-01-26 17:41:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-26 10:54:16 ----D---- C:\Windows\Microsoft.NET
2017-01-26 10:53:34 ----RSD---- C:\Windows\assembly
2017-01-25 23:49:41 ----D---- C:\Windows\winsxs
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\migration
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-25 23:45:46 ----D---- C:\Program Files\Internet Explorer
2017-01-25 23:45:46 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-25 23:45:45 ----D---- C:\Windows\SYSWOW64\en-US
2017-01-25 23:45:45 ----D---- C:\Windows\SysWOW64
2017-01-25 23:45:44 ----D---- C:\Windows\system32\migration
2017-01-25 23:45:44 ----D---- C:\Windows\system32\drivers
2017-01-25 23:45:44 ----D---- C:\Windows\system32\cs-CZ
2017-01-25 23:45:43 ----D---- C:\Windows\system32\en-US
2017-01-25 23:45:41 ----SD---- C:\ProgramData\Microsoft
2017-01-25 23:45:41 ----D---- C:\Windows\system32\Boot
2017-01-25 23:45:41 ----D---- C:\Windows\AppPatch
2017-01-25 23:33:31 ----D---- C:\Windows\system32\MRT
2017-01-25 23:29:05 ----AC---- C:\Windows\system32\MRT.exe
2017-01-25 23:18:43 ----D---- C:\Windows\system32\catroot2
2017-01-23 17:36:21 ----SHD---- C:\$Recycle.Bin
2017-01-22 19:08:57 ----D---- C:\Downloads
2017-01-12 08:06:18 ----D---- C:\Program Files\SUPERAntiSpyware
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-25 35384]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-03 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-09 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-09 427360]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-03 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-03 92008]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 PAC7302;FaceCam 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-10-03 172344]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-10-03 50344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S2 InstallerWrapperService;Service Installer Wrapper TrueKey; C:\Program Files\TrueKey\InstallerWrapperService.exe [2016-07-19 47688]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-28 270936]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-11-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-02 1255736]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte a ntivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Program Files (x86)\Google\Google Toolbar
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
:services
SeaPort
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Logfile of random's system information tool 1.14 (written by random/random)
Run by xy at 2017-01-29 22:16:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 56 GB (47%) free of 119 GB
Total RAM: 4061 MB (65% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:22, on 29.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\xy_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe"
O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [pdfSaver3] "c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: @Sky video link.lnk = C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer Wrapper TrueKey (InstallerWrapperService) - McAfee, Inc. - C:\Program Files\TrueKey\InstallerWrapperService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10484 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2c0
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\TrueKey\InstallerWrapperService.exe"
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bb140df3-c8b5-4955-b7c6-ec04a3cfdd6e -SystemEventPortName:HostProcess-849207d2-579d-467d-8b39-e9b94e0cc7bc -IoCancelEventPortName:HostProcess-2268d83a-9335-4971-8778-0b3c541caae6 -NonStateChangingEventPortName:HostProcess-3cc8ec8e-2eda-4c38-82d2-aaa14239893b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4cbfa2df-28e4-43d4-9d8f-24e4267ea362 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\PixArt\Pac7302\Monitor.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
"C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe" "C:\Program Files (x86)\ATSKY\@Sky video link\Navigator\Main.htm"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe"
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\xy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-349778550-1405791724-16017730041521330633535148449-442254027-1275643719256381028
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1888 CREDAT:267521 /prefetch:2
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\xy\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Windows\system32\tasks\ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\tasks\ASUS P4G - C:\Program Files\P4G\BatteryLife.exe
C:\Windows\system32\tasks\ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\tasks\ASUSControlDeck - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\P4GIntlCtrl - C:\Program Files\P4G\IntlCtrl.exe /DisableDPST
C:\Windows\system32\tasks\WC3 - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\system32\tasks\{054C4B33-BE6F-4BC9-B1C0-8DBE0279645B} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\1\iview430_setup.exe -d C:\Users\xy\Desktop\1
C:\Windows\system32\tasks\{3B5CCC1D-DBD3-47E8-A809-3EAB4E425E40} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\irfanviewcestina.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{5C7389D1-9338-4704-A529-D1DF652C0B0F} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huffyuvSetup.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{81909028-B7A9-4002-94B7-D2FB3D426A01} - C:\Windows\system32\pcalua.exe -a "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02\DXSETUP.exe" -d "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02"
C:\Windows\system32\tasks\{DBA1D713-F717-4695-8064-E2A80B778D81} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huawei_driver.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2887688111-4091793534-1823414437-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Google Chrome=========
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension jogjmeegdjegaoilmiinaplaljoglcnm 0 Link to file on GD 0.3
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nkpcdamhlccefaoghpnhbneneccgjifm 0 Sound off in tabs 0.9
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-12-25 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-10-03 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-25 234560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-10-03 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nero MediaHome 4"=C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe /AUTORUN []
"ICQ"=C:\Program Files (x86)\ICQ7.7\ICQ.exe silent loginmode=4 []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017-01-10 7943072]
"cz.seznam.software.autoupdate"=C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"pdfSaver3"=c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-25 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-10-26 74752]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-09 4085896]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"pdfSaver3"= []
"602PC SUITE PDF Saver"=C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe [2005-08-31 49152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
@Sky video link.lnk - C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-29 21:53:26 ----D---- C:\_OTM
2017-01-29 20:09:04 ----D---- C:\AdwCleaner
2017-01-28 18:00:57 ----D---- C:\rsit
2017-01-28 18:00:57 ----D---- C:\Program Files\trend micro
2017-01-28 14:20:10 ----A---- C:\AVScanner.ini
2017-01-28 14:13:49 ----D---- C:\ProgramData\McAfee
2017-01-28 14:13:38 ----D---- C:\Program Files\TrueKey
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iertutil.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\inseng.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-01-25 23:27:29 ----A---- C:\Windows\system32\UtcResources.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-01-25 23:27:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-25 23:27:27 ----A---- C:\Windows\system32\occache.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\urlmon.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\iedkcs32.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-25 23:27:25 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\dxtrans.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\diagtrack.dll
2017-01-25 23:27:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-25 23:27:24 ----A---- C:\Windows\system32\iesetup.dll
2017-01-25 23:27:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\vbscript.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\jsproxy.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\ieUnatt.exe
2017-01-25 23:27:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\ieui.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\dxtmsft.dll
2017-01-25 23:27:18 ----A---- C:\Windows\system32\ieframe.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\webcheck.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmled.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript9diag.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\wininet.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\jscript9.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\msrating.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-01-25 23:27:14 ----A---- C:\Windows\system32\mshtml.dll
2017-01-25 23:27:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-01-25 23:27:10 ----A---- C:\Windows\system32\win32k.sys
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-01-25 23:27:09 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\ntdll.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\lsasrv.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\winload.exe
2017-01-25 23:27:06 ----A---- C:\Windows\system32\rpcrt4.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\oleaut32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\advapi32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\schannel.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\msctf.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kernel32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kerberos.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\KernelBase.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\system32\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wow64win.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wintrust.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\user32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\gdi32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\clfs.sys
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\usp10.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\srcore.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-25 23:27:01 ----A---- C:\Windows\system32\cryptnet.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\conhost.exe
2017-01-25 23:27:01 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\winsrv.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\rpchttp.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\msiexec.exe
2017-01-25 23:27:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-01-25 23:26:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\wow64.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\ncrypt.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\consent.exe
2017-01-25 23:26:59 ----A---- C:\Windows\system32\certcli.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\bcdedit.exe
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-01-25 23:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-01-25 23:26:58 ----A---- C:\Windows\system32\adtschema.dll
2017-01-25 23:26:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-01-25 23:26:57 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\wdigest.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\TSpkg.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\drivers\appid.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appinfo.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appidsvc.dll
2017-01-25 23:26:55 ----A---- C:\Windows\system32\appidapi.dll
2017-01-25 23:26:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\smss.exe
2017-01-25 23:26:53 ----A---- C:\Windows\system32\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-01-25 23:26:53 ----A---- C:\Windows\system32\csrsrv.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\secur32.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\rstrui.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\msihnd.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\lsass.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\cryptbase.dll
2017-01-25 23:26:50 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\ntvdm64.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\auditpol.exe
2017-01-25 23:26:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-01-25 23:26:49 ----A---- C:\Windows\system32\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\credssp.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\sspisrv.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\lpk.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\atmlib.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\wow64cpu.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\fontsub.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-01-25 23:26:44 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\user.exe
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\INETRES.dll
======List of files/folders modified in the last 1 month======
2017-01-29 22:15:38 ----D---- C:\Users\xy\AppData\Roaming\Seznam.cz
2017-01-29 22:11:33 ----D---- C:\Windows\Temp
2017-01-29 22:09:37 ----D---- C:\Windows\system32\config
2017-01-29 22:09:21 ----D---- C:\Windows\system32\Tasks
2017-01-29 21:53:27 ----D---- C:\Program Files (x86)\Google
2017-01-29 21:36:38 ----D---- C:\Windows\tracing
2017-01-29 20:22:39 ----D---- C:\Windows\Prefetch
2017-01-29 20:16:58 ----D---- C:\Windows
2017-01-29 20:16:55 ----RD---- C:\Program Files (x86)
2017-01-29 20:16:49 ----D---- C:\ProgramData\ICQ
2017-01-29 20:16:46 ----HD---- C:\ProgramData
2017-01-28 18:00:57 ----D---- C:\Program Files
2017-01-28 16:10:16 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-01-28 14:20:08 ----D---- C:\Windows\system32\drivers\etc
2017-01-28 14:13:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-28 14:13:26 ----D---- C:\Windows\system32\Macromed
2017-01-28 14:13:24 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-28 07:59:37 ----SHD---- C:\Windows\Installer
2017-01-27 12:38:42 ----SHD---- C:\System Volume Information
2017-01-27 11:32:25 ----D---- C:\Users\xy\AppData\Roaming\ICQ
2017-01-27 10:34:05 ----D---- C:\Users\xy\AppData\Roaming\vlc
2017-01-26 18:27:14 ----D---- C:\Windows\rescache
2017-01-26 17:41:01 ----D---- C:\Windows\System32
2017-01-26 17:41:01 ----D---- C:\Windows\inf
2017-01-26 17:41:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-26 10:54:16 ----D---- C:\Windows\Microsoft.NET
2017-01-26 10:53:34 ----RSD---- C:\Windows\assembly
2017-01-25 23:49:41 ----D---- C:\Windows\winsxs
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\migration
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-25 23:45:46 ----D---- C:\Program Files\Internet Explorer
2017-01-25 23:45:46 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-25 23:45:45 ----D---- C:\Windows\SYSWOW64\en-US
2017-01-25 23:45:45 ----D---- C:\Windows\SysWOW64
2017-01-25 23:45:44 ----D---- C:\Windows\system32\migration
2017-01-25 23:45:44 ----D---- C:\Windows\system32\drivers
2017-01-25 23:45:44 ----D---- C:\Windows\system32\cs-CZ
2017-01-25 23:45:43 ----D---- C:\Windows\system32\en-US
2017-01-25 23:45:41 ----SD---- C:\ProgramData\Microsoft
2017-01-25 23:45:41 ----D---- C:\Windows\system32\Boot
2017-01-25 23:45:41 ----D---- C:\Windows\AppPatch
2017-01-25 23:33:31 ----D---- C:\Windows\system32\MRT
2017-01-25 23:29:05 ----AC---- C:\Windows\system32\MRT.exe
2017-01-25 23:18:43 ----D---- C:\Windows\system32\catroot2
2017-01-23 17:36:21 ----SHD---- C:\$Recycle.Bin
2017-01-22 19:08:57 ----D---- C:\Downloads
2017-01-12 08:06:18 ----D---- C:\Program Files\SUPERAntiSpyware
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-25 35384]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-03 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-09 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-09 427360]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-03 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-03 92008]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 PAC7302;FaceCam 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-10-03 172344]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-10-03 50344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 InstallerWrapperService;Service Installer Wrapper TrueKey; C:\Program Files\TrueKey\InstallerWrapperService.exe [2016-07-19 47688]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-28 270936]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-11-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-02 1255736]
-----------------EOF-----------------
Run by xy at 2017-01-29 22:16:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 56 GB (47%) free of 119 GB
Total RAM: 4061 MB (65% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:16:22, on 29.1.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18538)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\PDF\pdfSaver\pdfSaver3.exe
C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\xy_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [602PC SUITE PDF Saver] "C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe"
O4 - HKCU\..\Run: [Nero MediaHome 4] "C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [pdfSaver3] "c:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: @Sky video link.lnk = C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: tmchlang.lnk = C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer Wrapper TrueKey (InstallerWrapperService) - McAfee, Inc. - C:\Program Files\TrueKey\InstallerWrapperService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10484 bytes
======Enumerating Processes======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2c0
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\TrueKey\InstallerWrapperService.exe"
"C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe"
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
"C:\Program Files\P4G\BatteryLife.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bb140df3-c8b5-4955-b7c6-ec04a3cfdd6e -SystemEventPortName:HostProcess-849207d2-579d-467d-8b39-e9b94e0cc7bc -IoCancelEventPortName:HostProcess-2268d83a-9335-4971-8778-0b3c541caae6 -NonStateChangingEventPortName:HostProcess-3cc8ec8e-2eda-4c38-82d2-aaa14239893b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4cbfa2df-28e4-43d4-9d8f-24e4267ea362 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" MySyncFolder
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\PixArt\Pac7302\Monitor.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files\PDF\pdfSaver\pdfSaver3.exe"
"C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe" "C:\Program Files (x86)\ATSKY\@Sky video link\Navigator\Main.htm"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\602PHS\pdfSaver.exe"
C:\Users\xy\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
"C:\Users\xy\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-349778550-1405791724-16017730041521330633535148449-442254027-1275643719256381028
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\sppsvc.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1888 CREDAT:267521 /prefetch:2
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\xy\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASPG - C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Windows\system32\tasks\ASUS Live Update - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\tasks\ASUS P4G - C:\Program Files\P4G\BatteryLife.exe
C:\Windows\system32\tasks\ASUS SmartLogon Console Sensor - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\tasks\ASUSControlDeck - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Windows\system32\tasks\avast! Emergency Update - C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\P4GIntlCtrl - C:\Program Files\P4G\IntlCtrl.exe /DisableDPST
C:\Windows\system32\tasks\WC3 - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\system32\tasks\{054C4B33-BE6F-4BC9-B1C0-8DBE0279645B} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\1\iview430_setup.exe -d C:\Users\xy\Desktop\1
C:\Windows\system32\tasks\{3B5CCC1D-DBD3-47E8-A809-3EAB4E425E40} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\irfanviewcestina.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{5C7389D1-9338-4704-A529-D1DF652C0B0F} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huffyuvSetup.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\{81909028-B7A9-4002-94B7-D2FB3D426A01} - C:\Windows\system32\pcalua.exe -a "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02\DXSETUP.exe" -d "C:\Users\xy\Desktop\DirectX-9-0c-rar~\DirectX 9 0c hohy02"
C:\Windows\system32\tasks\{DBA1D713-F717-4695-8064-E2A80B778D81} - C:\Windows\system32\pcalua.exe -a C:\Users\xy\Desktop\huawei_driver.exe -d C:\Users\xy\Desktop
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2887688111-4091793534-1823414437-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Google Chrome=========
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension felcaaldnbdncclmgdcncolpebgiejap
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension jogjmeegdjegaoilmiinaplaljoglcnm 0 Link to file on GD 0.3
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.1
Extension nkpcdamhlccefaoghpnhbneneccgjifm 0 Sound off in tabs 0.9
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5516.1005.0.3
Homepage:
default_search_provider.search_url:
C:\Users\xy\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTer ... -SearchBox
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={15C4DF55-4B67-495A-A3D3-A497C4A49EE0}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}]
"URL"=http://search.seznam.cz/?sourceid=quick ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\ssv.dll [2016-12-25 571456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2014-10-03 612248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-12-25 234560]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-10-03 457712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2009-11-26 1732608]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nero MediaHome 4"=C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe /AUTORUN []
"ICQ"=C:\Program Files (x86)\ICQ7.7\ICQ.exe silent loginmode=4 []
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017-01-10 7943072]
"cz.seznam.software.autoupdate"=C:\Users\xy\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\xy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"pdfSaver3"=c:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-25 3058304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe [2011-10-26 74752]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-12-09 4085896]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"pdfSaver3"= []
"602PC SUITE PDF Saver"=C:\Program Files (x86)\Common Files\602phs\pdfSaver.exe [2005-08-31 49152]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
@Sky video link.lnk - C:\Program Files (x86)\ATSKY\@Sky video link\Bin\ASLaunch.exe
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
tmchlang.lnk - C:\Program Files\Trend Micro\Internet Security\TmChLang.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-01-29 21:53:26 ----D---- C:\_OTM
2017-01-29 20:09:04 ----D---- C:\AdwCleaner
2017-01-28 18:00:57 ----D---- C:\rsit
2017-01-28 18:00:57 ----D---- C:\Program Files\trend micro
2017-01-28 14:20:10 ----A---- C:\AVScanner.ini
2017-01-28 14:13:49 ----D---- C:\ProgramData\McAfee
2017-01-28 14:13:38 ----D---- C:\Program Files\TrueKey
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-01-25 23:27:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iertutil.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\iernonce.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-01-25 23:27:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-01-25 23:27:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-01-25 23:27:30 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\inseng.dll
2017-01-25 23:27:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-01-25 23:27:29 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-01-25 23:27:29 ----A---- C:\Windows\system32\UtcResources.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-01-25 23:27:28 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-01-25 23:27:28 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-01-25 23:27:27 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-01-25 23:27:27 ----A---- C:\Windows\system32\occache.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-01-25 23:27:26 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\urlmon.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-01-25 23:27:26 ----A---- C:\Windows\system32\iedkcs32.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-01-25 23:27:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-01-25 23:27:25 ----A---- C:\Windows\system32\msfeeds.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\dxtrans.dll
2017-01-25 23:27:25 ----A---- C:\Windows\system32\diagtrack.dll
2017-01-25 23:27:24 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-01-25 23:27:24 ----A---- C:\Windows\system32\iesetup.dll
2017-01-25 23:27:23 ----A---- C:\Windows\system32\ieapfltr.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-01-25 23:27:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\vbscript.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\jsproxy.dll
2017-01-25 23:27:21 ----A---- C:\Windows\system32\ieUnatt.exe
2017-01-25 23:27:20 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\ieui.dll
2017-01-25 23:27:19 ----A---- C:\Windows\system32\dxtmsft.dll
2017-01-25 23:27:18 ----A---- C:\Windows\system32\ieframe.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\webcheck.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\mshtmled.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript9diag.dll
2017-01-25 23:27:17 ----A---- C:\Windows\system32\jscript.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\wininet.dll
2017-01-25 23:27:16 ----A---- C:\Windows\system32\jscript9.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\msrating.dll
2017-01-25 23:27:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-01-25 23:27:14 ----A---- C:\Windows\system32\mshtml.dll
2017-01-25 23:27:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-01-25 23:27:10 ----A---- C:\Windows\system32\win32k.sys
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-01-25 23:27:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-01-25 23:27:09 ----A---- C:\Windows\system32\MSVidCtl.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\ntdll.dll
2017-01-25 23:27:08 ----A---- C:\Windows\system32\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2017-01-25 23:27:07 ----A---- C:\Windows\SYSWOW64\msi.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\lsasrv.dll
2017-01-25 23:27:07 ----A---- C:\Windows\system32\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\winload.exe
2017-01-25 23:27:06 ----A---- C:\Windows\system32\rpcrt4.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\oleaut32.dll
2017-01-25 23:27:06 ----A---- C:\Windows\system32\advapi32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\win32spl.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\UIAnimation.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\schannel.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\msctf.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kernel32.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\kerberos.dll
2017-01-25 23:27:05 ----A---- C:\Windows\system32\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2017-01-25 23:27:04 ----A---- C:\Windows\SYSWOW64\authui.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\KernelBase.dll
2017-01-25 23:27:04 ----A---- C:\Windows\system32\inetcomm.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-01-25 23:27:03 ----A---- C:\Windows\system32\IMJP10K.DLL
2017-01-25 23:27:03 ----A---- C:\Windows\system32\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wow64win.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\wintrust.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\user32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\msv1_0.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\gdi32.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\cryptsvc.dll
2017-01-25 23:27:02 ----A---- C:\Windows\system32\clfs.sys
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\user32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-01-25 23:27:01 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\usp10.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\srcore.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\drivers\cng.sys
2017-01-25 23:27:01 ----A---- C:\Windows\system32\cryptnet.dll
2017-01-25 23:27:01 ----A---- C:\Windows\system32\conhost.exe
2017-01-25 23:27:01 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\usp10.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-01-25 23:27:00 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\winsrv.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\rpchttp.dll
2017-01-25 23:27:00 ----A---- C:\Windows\system32\msiexec.exe
2017-01-25 23:27:00 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-01-25 23:26:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\wow64.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\ncrypt.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-01-25 23:26:59 ----A---- C:\Windows\system32\consent.exe
2017-01-25 23:26:59 ----A---- C:\Windows\system32\certcli.dll
2017-01-25 23:26:59 ----A---- C:\Windows\system32\bcdedit.exe
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-01-25 23:26:58 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-01-25 23:26:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-01-25 23:26:58 ----A---- C:\Windows\system32\adtschema.dll
2017-01-25 23:26:57 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-01-25 23:26:57 ----A---- C:\Windows\system32\drivers\bowser.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\wdigest.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\TSpkg.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\drivers\appid.sys
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appinfo.dll
2017-01-25 23:26:56 ----A---- C:\Windows\system32\appidsvc.dll
2017-01-25 23:26:55 ----A---- C:\Windows\system32\appidapi.dll
2017-01-25 23:26:54 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\smss.exe
2017-01-25 23:26:53 ----A---- C:\Windows\system32\input.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-01-25 23:26:53 ----A---- C:\Windows\system32\csrsrv.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\bcrypt.dll
2017-01-25 23:26:53 ----A---- C:\Windows\system32\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\hlink.dll
2017-01-25 23:26:52 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\sspicli.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\secur32.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\rstrui.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\nlsbres.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\msihnd.dll
2017-01-25 23:26:51 ----A---- C:\Windows\system32\lsass.exe
2017-01-25 23:26:51 ----A---- C:\Windows\system32\cryptbase.dll
2017-01-25 23:26:50 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\ntvdm64.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\msaudite.dll
2017-01-25 23:26:50 ----A---- C:\Windows\system32\auditpol.exe
2017-01-25 23:26:49 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-01-25 23:26:49 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-01-25 23:26:49 ----A---- C:\Windows\system32\srclient.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-01-25 23:26:49 ----A---- C:\Windows\system32\credssp.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\sspisrv.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\lpk.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\dciman32.dll
2017-01-25 23:26:48 ----A---- C:\Windows\system32\atmlib.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-01-25 23:26:47 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-01-25 23:26:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\wow64cpu.dll
2017-01-25 23:26:47 ----A---- C:\Windows\system32\fontsub.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-01-25 23:26:46 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-01-25 23:26:45 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-01-25 23:26:44 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-01-25 23:26:44 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-01-25 23:26:44 ----A---- C:\Windows\system32\apisetschema.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\user.exe
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\tzres.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msobjs.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\msimsg.dll
2017-01-25 23:26:43 ----A---- C:\Windows\system32\INETRES.dll
======List of files/folders modified in the last 1 month======
2017-01-29 22:15:38 ----D---- C:\Users\xy\AppData\Roaming\Seznam.cz
2017-01-29 22:11:33 ----D---- C:\Windows\Temp
2017-01-29 22:09:37 ----D---- C:\Windows\system32\config
2017-01-29 22:09:21 ----D---- C:\Windows\system32\Tasks
2017-01-29 21:53:27 ----D---- C:\Program Files (x86)\Google
2017-01-29 21:36:38 ----D---- C:\Windows\tracing
2017-01-29 20:22:39 ----D---- C:\Windows\Prefetch
2017-01-29 20:16:58 ----D---- C:\Windows
2017-01-29 20:16:55 ----RD---- C:\Program Files (x86)
2017-01-29 20:16:49 ----D---- C:\ProgramData\ICQ
2017-01-29 20:16:46 ----HD---- C:\ProgramData
2017-01-28 18:00:57 ----D---- C:\Program Files
2017-01-28 16:10:16 ----A---- C:\Windows\system32\ServiceFilter.ini
2017-01-28 14:20:08 ----D---- C:\Windows\system32\drivers\etc
2017-01-28 14:13:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-01-28 14:13:26 ----D---- C:\Windows\system32\Macromed
2017-01-28 14:13:24 ----D---- C:\Windows\SYSWOW64\Macromed
2017-01-28 07:59:37 ----SHD---- C:\Windows\Installer
2017-01-27 12:38:42 ----SHD---- C:\System Volume Information
2017-01-27 11:32:25 ----D---- C:\Users\xy\AppData\Roaming\ICQ
2017-01-27 10:34:05 ----D---- C:\Users\xy\AppData\Roaming\vlc
2017-01-26 18:27:14 ----D---- C:\Windows\rescache
2017-01-26 17:41:01 ----D---- C:\Windows\System32
2017-01-26 17:41:01 ----D---- C:\Windows\inf
2017-01-26 17:41:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-01-26 10:54:16 ----D---- C:\Windows\Microsoft.NET
2017-01-26 10:53:34 ----RSD---- C:\Windows\assembly
2017-01-25 23:49:41 ----D---- C:\Windows\winsxs
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\migration
2017-01-25 23:45:46 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-01-25 23:45:46 ----D---- C:\Program Files\Internet Explorer
2017-01-25 23:45:46 ----D---- C:\Program Files (x86)\Internet Explorer
2017-01-25 23:45:45 ----D---- C:\Windows\SYSWOW64\en-US
2017-01-25 23:45:45 ----D---- C:\Windows\SysWOW64
2017-01-25 23:45:44 ----D---- C:\Windows\system32\migration
2017-01-25 23:45:44 ----D---- C:\Windows\system32\drivers
2017-01-25 23:45:44 ----D---- C:\Windows\system32\cs-CZ
2017-01-25 23:45:43 ----D---- C:\Windows\system32\en-US
2017-01-25 23:45:41 ----SD---- C:\ProgramData\Microsoft
2017-01-25 23:45:41 ----D---- C:\Windows\system32\Boot
2017-01-25 23:45:41 ----D---- C:\Windows\AppPatch
2017-01-25 23:33:31 ----D---- C:\Windows\system32\MRT
2017-01-25 23:29:05 ----AC---- C:\Windows\system32\MRT.exe
2017-01-25 23:18:43 ----D---- C:\Windows\system32\catroot2
2017-01-23 17:36:21 ----SHD---- C:\$Recycle.Bin
2017-01-22 19:08:57 ----D---- C:\Downloads
2017-01-12 08:06:18 ----D---- C:\Program Files\SUPERAntiSpyware
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-12-25 35384]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-10-03 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-10-03 224896]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-10-03 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-09 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-09 427360]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-10-03 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-10-03 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-10-03 92008]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 CamSuiteVAC;CamSuite Virtual Audio; C:\Windows\system32\DRIVERS\CamSuiteVAC.sys [2008-09-18 56320]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2007-08-09 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 PAC7302;FaceCam 300; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-10-03 172344]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-10-03 50344]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 InstallerWrapperService;Service Installer Wrapper TrueKey; C:\Program Files\TrueKey\InstallerWrapperService.exe [2016-07-19 47688]
R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-28 270936]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-11-25 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-11-12 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-02 1255736]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno. Log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Díky moc, moc, moc 
-
Rudy
- Site Admin
- Příspěvky: 119418
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?