
OurLuckySites.com + Windows stuttering
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
a few days ago my Windows started running slower and now and then it also stutters a bit.. plus my browser homepage keeps getting set automatically to ourluckysites.com even when I change it to a different one.. I guess I need to clean up my PC a bit, could you please take a look at the log? Thanks:
Logfile of random's system information tool 1.16 (written by random/random)
Run by lukas at 2017-05-03 20:02:07
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 16 GB (3%) free of 588 GB
Total RAM: 8126 MB (75% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:09, on 3. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\lukas_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&t ... J9AB715480
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&t ... J9AB715480
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ourluckysites.com/?type=hp&t ... J9AB715480
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.ourluckysites.com/search/?ty ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.ourluckysites.com/search/?ty ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ourluckysites.com/?type=hp&t ... J9AB715480
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - https://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10282 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\svchost.exe -k Kitty -s
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
C:\Windows\System32\svchost.exe -k SNARE
C:\Windows\System32\svchost.exe -k SNAREA
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
C:\Windows\SysWOW64\svchost.exe -k WinSAPSvc
"C:\PROGRA~3\ASGVIS\DONGLE~1\vrlservice.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Winamp\winamp.exe"
"C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe" --tray
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.ourluckysites.com/?type=sc&t ... J9AB715480
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\lukas\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-lukas-PC-lukas - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Jmuchcagash - "msiexec" /i hTTp://D2bUH1bF1g584W.clOuDfroNt.net/mm ... d=20170427 /q
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Milimili - "C:\Program Files (x86)\MIO\MIO.exe" -bindurl http://api.suibianmaimaicom.com/samsung ... 715480.dat cmd=
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1445716232 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Samsung Update - msiexec /i hTtP://D2Buh1bF1G584W.CLouDfRoNT.net/mm ... d=20170428 /q
C:\Windows\system32\tasks\Thuhaent Reports - "C:\Program Files (x86)\Ckudalycotaied\coerheght.exe" dd5f483f-22ba-4fe2-8731-37dce570a7c0
C:\Windows\system32\tasks\Trigger KMS Activation - "C:\Program Files\KMSnano\TriggerKMS.exe" 31 "silent.cmd"
C:\Windows\system32\tasks\Windows-PG - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\windows\psgo\psgo.ps1
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7} - C:\Windows\system32\pcalua.exe -a G:\sp58586.exe -d G:\
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB} - C:\Windows\system32\pcalua.exe -a "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa\setup.exe" -d "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1004493896-153057301-766688841-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14 1056992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-07-26 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-07-26 173152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14 1056992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-01 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-01 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-01 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\lukas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\lukas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"=C:\Users\lukas\AppData\Roaming\Kizogrireent\Chzerszigoph.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2017-05-03 08:04:53 ----D---- C:\Insist
2017-05-02 11:25:11 ----D---- C:\Program Files (x86)\b3lv5yai
2017-05-01 15:14:30 ----D---- C:\Users\lukas\AppData\Roaming\PSpad
2017-05-01 15:14:25 ----D---- C:\Program Files (x86)\PSPad editor
2017-04-28 13:12:45 ----D---- C:\Windows\psgo
2017-04-28 13:12:22 ----D---- C:\Program Files (x86)\MIO
2017-04-28 13:12:15 ----D---- C:\Users\lukas\AppData\Roaming\WinSAPSvc
2017-04-28 13:12:11 ----D---- C:\Alitkojck
2017-04-27 21:16:52 ----D---- C:\Users\lukas\AppData\Roaming\Kizogrireent
2017-04-27 21:12:09 ----D---- C:\Users\lukas\AppData\Roaming\Profiles
2017-04-27 21:12:09 ----D---- C:\Program Files (x86)\Thuhaent Reports
2017-04-27 21:12:08 ----D---- C:\Program Files (x86)\Ckudalycotaied
2017-04-27 21:11:01 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2017-04-27 21:10:29 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2017-04-27 21:10:25 ----D---- C:\Program Files\DAEMON Tools Lite
====== List of files/folders modified in the last 1 month ======
2017-05-03 20:02:10 ----D---- C:\Windows\Prefetch
2017-05-03 20:02:08 ----D---- C:\Windows\Temp
2017-05-03 20:02:08 ----D---- C:\Program Files\trend micro
2017-05-03 18:43:31 ----D---- C:\Windows\system32\Tasks
2017-05-03 17:07:54 ----D---- C:\Windows\system32\config
2017-05-03 16:17:18 ----A---- C:\Windows\d_jdmjol172.ini
2017-05-03 13:43:25 ----D---- C:\Windows\System32
2017-05-03 13:43:25 ----D---- C:\Windows\inf
2017-05-03 13:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-03 08:04:59 ----SHD---- C:\Windows\Installer
2017-05-03 08:04:59 ----RD---- C:\Program Files (x86)
2017-05-02 15:41:44 ----D---- C:\Users\lukas\AppData\Roaming\uTorrent
2017-05-02 12:06:49 ----SHD---- C:\System Volume Information
2017-04-28 13:12:45 ----D---- C:\Windows
2017-04-27 21:11:31 ----D---- C:\Windows\system32\drivers
2017-04-27 21:11:30 ----D---- C:\Windows\system32\DriverStore
2017-04-27 21:10:25 ----RD---- C:\Program Files
2017-04-27 21:09:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-04-27 20:00:59 ----D---- C:\Program Files (x86)\Steam
2017-04-26 11:24:30 ----D---- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite
2017-04-25 12:25:05 ----D---- C:\Program Files (x86)\Opera
2017-04-25 08:53:34 ----D---- C:\Users\lukas\AppData\Roaming\MPC-HC
2017-04-25 08:47:11 ----D---- C:\Program Files (x86)\McAfee
2017-04-25 08:46:44 ----D---- C:\Program Files\TrueKey
2017-04-25 01:38:55 ----D---- C:\AITEMP
2017-04-21 12:59:45 ----D---- C:\ProgramData\McAfee
2017-04-18 23:26:21 ----D---- C:\Windows\system32\NDF
2017-04-13 13:38:48 ----D---- C:\Windows\rescache
2017-04-13 10:32:34 ----D---- C:\Windows\Microsoft.NET
2017-04-13 10:28:04 ----RSD---- C:\Windows\assembly
2017-04-13 09:56:09 ----D---- C:\Windows\winsxs
2017-04-13 09:52:38 ----D---- C:\Program Files\Internet Explorer
2017-04-13 09:52:37 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 09:52:36 ----D---- C:\Windows\SysWOW64
2017-04-13 09:52:33 ----D---- C:\Windows\system32\en-US
2017-04-13 09:52:26 ----D---- C:\Windows\AppPatch
2017-04-13 09:52:25 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 09:52:22 ----D---- C:\Windows\system32\Boot
2017-04-13 02:54:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 10:04:37 ----D---- C:\Windows\system32\catroot2
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-02-02 137792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-04-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-04-27 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2015-12-07 44192]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 Kitty;Kitty; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-06-17 51112]
R2 SNARE;SNARE; C:\Windows\System32\svchost.exe -k SNARE;"ServiceDll" = C:\Users\lukas\AppData\Local\SNARE\Snare.dll
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe -k SNAREA;"ServiceDll" = C:\Users\lukas\AppData\Local\SNAREA\Snare.dll
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-04-12 996736]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-04-12 16160]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2012-12-06 212992]
R2 WinSAPSvc;WinSAPSvc; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-24 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-04-12 86776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-26 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
S4 McNeelUpdate;McNeel Update Service 5.0; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2014-06-24 67224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\lukas\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-lukas-PC-lukas - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Jmuchcagash - "msiexec" /i hTTp://D2bUH1bF1g584W.clOuDfroNt.net/mm ... d=20170427 /q
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Milimili - "C:\Program Files (x86)\MIO\MIO.exe" -bindurl http://api.suibianmaimaicom.com/samsung ... 715480.dat cmd=
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1445716232 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Samsung Update - msiexec /i hTtP://D2Buh1bF1G584W.CLouDfRoNT.net/mm ... d=20170428 /q
C:\Windows\system32\tasks\Thuhaent Reports - "C:\Program Files (x86)\Ckudalycotaied\coerheght.exe" dd5f483f-22ba-4fe2-8731-37dce570a7c0
C:\Windows\system32\tasks\Trigger KMS Activation - "C:\Program Files\KMSnano\TriggerKMS.exe" 31 "silent.cmd"
C:\Windows\system32\tasks\Windows-PG - C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe C:\windows\psgo\psgo.ps1
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7} - C:\Windows\system32\pcalua.exe -a G:\sp58586.exe -d G:\
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB} - C:\Windows\system32\pcalua.exe -a "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa\setup.exe" -d "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1004493896-153057301-766688841-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14 1056992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-07-26 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-07-26 173152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14 1056992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-01 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-01 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-01 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\lukas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\lukas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"=C:\Users\lukas\AppData\Roaming\Kizogrireent\Chzerszigoph.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2017-05-03 08:04:53 ----D---- C:\Insist
2017-05-02 11:25:11 ----D---- C:\Program Files (x86)\b3lv5yai
2017-05-01 15:14:30 ----D---- C:\Users\lukas\AppData\Roaming\PSpad
2017-05-01 15:14:25 ----D---- C:\Program Files (x86)\PSPad editor
2017-04-28 13:12:45 ----D---- C:\Windows\psgo
2017-04-28 13:12:22 ----D---- C:\Program Files (x86)\MIO
2017-04-28 13:12:15 ----D---- C:\Users\lukas\AppData\Roaming\WinSAPSvc
2017-04-28 13:12:11 ----D---- C:\Alitkojck
2017-04-27 21:16:52 ----D---- C:\Users\lukas\AppData\Roaming\Kizogrireent
2017-04-27 21:12:09 ----D---- C:\Users\lukas\AppData\Roaming\Profiles
2017-04-27 21:12:09 ----D---- C:\Program Files (x86)\Thuhaent Reports
2017-04-27 21:12:08 ----D---- C:\Program Files (x86)\Ckudalycotaied
2017-04-27 21:11:01 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2017-04-27 21:10:29 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2017-04-27 21:10:25 ----D---- C:\Program Files\DAEMON Tools Lite
2017-04-12 10:12:38 ----A---- C:\Windows\system32\mshtml.dll
2017-04-12 10:12:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-04-12 10:12:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-04-12 10:12:36 ----A---- C:\Windows\system32\ieframe.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\wuaueng.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\win32k.sys
2017-04-12 10:12:34 ----A---- C:\Windows\system32\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\ole32.dll
2017-04-12 10:12:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\wucltux.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\samsrv.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\msfeeds.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\jscript.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-04-12 10:12:32 ----A---- C:\Windows\system32\cdosys.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\jscript9.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups2.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuauclt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64win.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64cpu.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\winsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspisrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srcore.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\smss.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\secur32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rstrui.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsass.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsasrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lpk.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kernel32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iernonce.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\fontsub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\appid.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\csrsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cryptbase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\conhost.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cdd.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\appidapi.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\advapi32.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\user.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidsvc.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\apisetschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\adtschema.dll
====== List of files/folders modified in the last 1 month ======
2017-05-03 20:02:10 ----D---- C:\Windows\Prefetch
2017-05-03 20:02:08 ----D---- C:\Windows\Temp
2017-05-03 20:02:08 ----D---- C:\Program Files\trend micro
2017-05-03 18:43:31 ----D---- C:\Windows\system32\Tasks
2017-05-03 17:07:54 ----D---- C:\Windows\system32\config
2017-05-03 16:17:18 ----A---- C:\Windows\d_jdmjol172.ini
2017-05-03 13:43:25 ----D---- C:\Windows\System32
2017-05-03 13:43:25 ----D---- C:\Windows\inf
2017-05-03 13:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-03 08:04:59 ----SHD---- C:\Windows\Installer
2017-05-03 08:04:59 ----RD---- C:\Program Files (x86)
2017-05-02 15:41:44 ----D---- C:\Users\lukas\AppData\Roaming\uTorrent
2017-05-02 12:06:49 ----SHD---- C:\System Volume Information
2017-04-28 13:12:45 ----D---- C:\Windows
2017-04-27 21:11:31 ----D---- C:\Windows\system32\drivers
2017-04-27 21:11:30 ----D---- C:\Windows\system32\DriverStore
2017-04-27 21:10:25 ----RD---- C:\Program Files
2017-04-27 21:09:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-04-27 20:00:59 ----D---- C:\Program Files (x86)\Steam
2017-04-26 11:24:30 ----D---- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite
2017-04-25 12:25:05 ----D---- C:\Program Files (x86)\Opera
2017-04-25 08:53:34 ----D---- C:\Users\lukas\AppData\Roaming\MPC-HC
2017-04-25 08:47:11 ----D---- C:\Program Files (x86)\McAfee
2017-04-25 08:46:44 ----D---- C:\Program Files\TrueKey
2017-04-25 01:38:55 ----D---- C:\AITEMP
2017-04-21 12:59:45 ----D---- C:\ProgramData\McAfee
2017-04-18 23:26:21 ----D---- C:\Windows\system32\NDF
2017-04-13 13:38:48 ----D---- C:\Windows\rescache
2017-04-13 10:32:34 ----D---- C:\Windows\Microsoft.NET
2017-04-13 10:28:04 ----RSD---- C:\Windows\assembly
2017-04-13 09:56:09 ----D---- C:\Windows\winsxs
2017-04-13 09:52:38 ----D---- C:\Program Files\Internet Explorer
2017-04-13 09:52:37 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 09:52:36 ----D---- C:\Windows\SysWOW64
2017-04-13 09:52:33 ----D---- C:\Windows\system32\en-US
2017-04-13 09:52:26 ----D---- C:\Windows\AppPatch
2017-04-13 09:52:25 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 09:52:22 ----D---- C:\Windows\system32\Boot
2017-04-13 02:54:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 10:04:37 ----D---- C:\Windows\system32\catroot2
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-02-02 137792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-04-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-04-27 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2015-12-07 44192]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 Kitty;Kitty; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-06-17 51112]
R2 SNARE;SNARE; C:\Windows\System32\svchost.exe -k SNARE;"ServiceDll" = C:\Users\lukas\AppData\Local\SNARE\Snare.dll
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe -k SNAREA;"ServiceDll" = C:\Users\lukas\AppData\Local\SNAREA\Snare.dll
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-04-12 996736]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-04-12 16160]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2012-12-06 212992]
R2 WinSAPSvc;WinSAPSvc; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-24 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-04-12 86776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-26 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
S4 McNeelUpdate;McNeel Update Service 5.0; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2014-06-24 67224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
Re: OurLuckySites.com + Windows stuttering
And now Google Chrome has started crashing too, and Mozilla installed itself on its own. Or at least it pretends to be Mozilla, because I don't have it in my programs and the folder is called "Firefox", not "Mozilla Firefox" as I think it should be .. so I preferred not to even open it.
- Rudy
- Site Admin
- Posts: 119428
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: OurLuckySites.com + Windows stuttering
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: OurLuckySites.com + Windows stuttering
Done. The fake Firefox is gone now, but ourluckysites still opens in Chrome when I start it. I'm sending the log, here you go:
# AdwCleaner v6.046 - Logfile created 03/05/2017 at 21:42:51
# Updated on 24/04/2017 by Malwarebytes
# Database : 2017-05-03.1 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : lukas - LUKAS-PC
# Running from : C:\Users\lukas\Downloads\adwcleaner_6.046.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
[-] Service deleted: iSafeKrnlMon
[-] Service deleted: FirefoxU
[-] Service deleted: WinSAPSvc
[-] Service deleted: SNARE
[-] Service deleted: Kitty
***** [ Folders ] *****
[#] Folder deleted on reboot: C:\Users\lukas\AppData\Roaming\Elex-tech
[-] Folder deleted: C:\Users\lukas\AppData\Roaming\RHEng
[-] Folder deleted: C:\Users\lukas\AppData\Roaming\WinSAPSvc
[#] Folder deleted on reboot: C:\Program Files (x86)\Elex-tech
[-] Folder deleted: C:\Program Files (x86)\Firefox
[-] Folder deleted: C:\Users\lukas\AppData\Roaming\Firefox
[-] Folder deleted: C:\Users\lukas\AppData\Local\Firefox
[#] Folder deleted on reboot: C:\Users\lukas\AppData\Local\SNARE
[-] Folder deleted: C:\Users\lukas\AppData\Local\Kitty
***** [ Files ] *****
[-] File deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] File deleted: C:\Windows\SysNative\drivers\iSafeKrnlBoot.sys
[-] File deleted: C:\Windows\SysNative\drivers\iSafeNetFilter.sys
[-] File deleted: C:\Users\Public\Documents\temp.dat
[-] File deleted: C:\Users\Public\Documents\report.dat
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
[-] Shortcut disinfected: C:\Users\lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut disinfected: C:\Users\lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Shortcut disinfected: C:\Users\lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut disinfected: C:\Users\lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Scheduled Tasks ] *****
[-] Task deleted: apachesrvin
[-] Task deleted: Jmuchcagash
[-] Task deleted: Samsung Update
[-] Task deleted: Milimili
[-] Task deleted: Windows-PG
***** [ Registry ] *****
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnl
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlBoot
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlKit
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnlR3
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeNetFilter
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\iSafeService
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnl
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnlboot
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnlkit
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnlmon
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafekrnlr3
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafenetfilter
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\services\isafeservice
[-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[#] Key deleted on reboot: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\SNARE
[-] Key deleted: HKU\.DEFAULT\Software\ecb`nl
[-] Key deleted: HKU\S-1-5-21-1004493896-153057301-766688841-1000\Software\Conduit
[#] Key deleted on reboot: HKU\S-1-5-18\Software\ecb`nl
[#] Key deleted on reboot: HKCU\Software\Conduit
[-] Key deleted: HKLM\SOFTWARE\Conduit
[-] Key deleted: HKLM\SOFTWARE\Elex-tech
[-] Key deleted: HKLM\SOFTWARE\ScreenShot
[-] Key deleted: HKLM\SOFTWARE\ecb`nl
[-] Key deleted: HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
[-] Key deleted: HKLM\SOFTWARE\ourluckysitesSoftware
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe
[#] Key deleted on reboot: [x64] HKCU\Software\Conduit
[-] Key deleted: [x64] HKLM\SOFTWARE\ecb`nl
[-] Key deleted: [x64] HKLM\SOFTWARE\InterSect Alliance
[#] Data restored on reboot: HKU\S-1-5-21-1004493896-153057301-766688841-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data restored on reboot: HKU\S-1-5-21-1004493896-153057301-766688841-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[#] Data restored on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[#] Data restored on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[#] Data restored on reboot: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[#] Data restored on reboot: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key deleted: HKU\S-1-5-21-1004493896-153057301-766688841-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: HKU\S-1-5-21-1004493896-153057301-766688841-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[#] Data restored on reboot: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Key deleted: HKCU\SOFTWARE\Classes\ChromeHTML
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [Kitty]
***** [ Web browsers ] *****
[-] [C:\Users\lukas\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Deleted: 17initialpage123
[-] [C:\Users\lukas\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Deleted: 19initialpage123
[-] [C:\Users\lukas\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Deleted: 11initialpage123
[-] [C:\Users\lukas\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Deleted: 72initialpage123
[-] [C:\Users\lukas\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Deleted: 7initialpage123
[-] [C:\Users\lukas\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Web data] [Search Provider] Deleted: 84initialpage123
[-] [C:\Users\lukas\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Deleted: hxxp://www.ourluckysites.com/?type=hp&ts=14937 ... J9AB715480
[-] [C:\Users\lukas\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [extension] Deleted: paddiapjbnmknhhobfcjnnmhgihnpgne
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [8451 Bytes] - [03/05/2017 21:42:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [9484 Bytes] - [03/05/2017 21:40:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [8597 Bytes] ##########
- Rudy
- Site Admin
- Posts: 119428
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: OurLuckySites.com + Windows lagging
Post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: OurLuckySites.com + Windows lagging
Logfile of random's system information tool 1.16 (written by random/random)
Run by lukas at 2017-05-03 22:12:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 17 GB (3%) free of 588 GB
Total RAM: 8126 MB (64% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:31, on 3. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files\trend micro\lukas_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - https://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9674 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\vcsFPService.exe
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
c:\windows\system32\svchost.exe -k utcsvc
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
c:\windows\system32\svchost.exe -k snarea
c:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"C:\PROGRA~3\ASGVIS\DONGLE~1\vrlservice.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files (x86)\Winamp\winamp.exe"
"C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe" --tray
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\svchost.exe -k IISGroup
c:\windows\system32\svchost.exe -k secsvcs
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\lukas\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=58.0.3029.81 --initial-client-data=0x9c,0xa0,0xa4,0x98,0xa8,0x74117de4,0x74117dd0,0x74117df0
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=watcher --main-thread-id=1776 --on-initialized-event-handle=320 --parent-handle=332 /prefetch:6
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=gpu-process --field-trial-handle=1184 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,16,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2559 --gpu-driver-date=10-21-2011 --service-request-channel-token=02C7A63E0AA6BA2CCC8FE875D4E20BA3 --mojo-platform-channel-handle=1196 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=03AC0E3B100D4A27A828974AF3FE6E9E --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=03AC0E3B100D4A27A828974AF3FE6E9E --renderer-client-id=4 --mojo-platform-channel-handle=2664 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=0FB15552160E8DE3A4B47F8574C4960A --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=0FB15552160E8DE3A4B47F8574C4960A --renderer-client-id=5 --mojo-platform-channel-handle=2764 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=35EC46040D875C187F5E2839DE78A5BD --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=35EC46040D875C187F5E2839DE78A5BD --renderer-client-id=6 --mojo-platform-channel-handle=2960 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=90D2C196EF50DB2B16E8838888A3C93B --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=90D2C196EF50DB2B16E8838888A3C93B --renderer-client-id=7 --mojo-platform-channel-handle=3276 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=7C84FE086DD498F709AC680F42F166A7 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=7C84FE086DD498F709AC680F42F166A7 --renderer-client-id=8 --mojo-platform-channel-handle=3296 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=39E4425E4BF2F67B5E9F6CDC41A12524 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=39E4425E4BF2F67B5E9F6CDC41A12524 --renderer-client-id=16 --mojo-platform-channel-handle=7016 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=93D3333927E4F40DCAE4C1BCF7E99568 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=93D3333927E4F40DCAE4C1BCF7E99568 --renderer-client-id=17 --mojo-platform-channel-handle=2148 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=7A7BE7213A574FEE81231CE60027D1A6 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=7A7BE7213A574FEE81231CE60027D1A6 --renderer-client-id=19 --mojo-platform-channel-handle=4776 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=856BE709C9B6982E7B52E352EC3565B2 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=856BE709C9B6982E7B52E352EC3565B2 --renderer-client-id=20 --mojo-platform-channel-handle=2516 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=99D8969F6154ADF61441BD5929B3A365 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=99D8969F6154ADF61441BD5929B3A365 --renderer-client-id=23 --mojo-platform-channel-handle=7340 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=E3E51225F1BFA5C146B1D015F1784E6E --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=E3E51225F1BFA5C146B1D015F1784E6E --renderer-client-id=29 --mojo-platform-channel-handle=6664 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=9FA3B9D66C131DB1682C37C2473DB1A7 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=9FA3B9D66C131DB1682C37C2473DB1A7 --renderer-client-id=31 --mojo-platform-channel-handle=7576 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=ppapi --field-trial-handle=1184 --ppapi-flash-args --lang=sk --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=1F71C83AFC8BF1F8765492EA8972AB9B --mojo-platform-channel-handle=8296 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=A21309863FDD29A2D317AD955AE1D7A9 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=A21309863FDD29A2D317AD955AE1D7A9 --renderer-client-id=36 --mojo-platform-channel-handle=9224 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1184 --primordial-pipe-token=98A10A970548F25BDC3CD2ECEE3DD58D --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=98A10A970548F25BDC3CD2ECEE3DD58D --renderer-client-id=37 --mojo-platform-channel-handle=3100 /prefetch:1
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\lukas\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-lukas-PC-lukas - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1445716232 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Thuhaent Reports - "C:\Program Files (x86)\Ckudalycotaied\coerheght.exe" dd5f483f-22ba-4fe2-8731-37dce570a7c0
C:\Windows\system32\tasks\Trigger KMS Activation - "C:\Program Files\KMSnano\TriggerKMS.exe" 31 "silent.cmd"
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7} - C:\Windows\system32\pcalua.exe -a G:\sp58586.exe -d G:\
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB} - C:\Windows\system32\pcalua.exe -a "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa\setup.exe" -d "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1004493896-153057301-766688841-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14 1056992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-07-26 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-07-26 173152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14 1056992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-01 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-01 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-01 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\lukas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\lukas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"=C:\Users\lukas\AppData\Roaming\Kizogrireent\Chzerszigoph.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2017-05-03 21:44:18 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-03 21:38:44 ----D---- C:\AdwCleaner
2017-05-03 20:45:26 ----D---- C:\Users\lukas\AppData\Roaming\Dayglad
2017-05-03 20:41:44 ----D---- C:\Users\lukas\AppData\Roaming\Mozilla
2017-05-03 20:41:17 ----A---- C:\Windows\SYSWOW64\43A8.tmp
2017-05-03 20:41:11 ----D---- C:\Program Files (x86)\IIS
2017-05-03 20:41:02 ----D---- C:\Program Files (x86)\Dayglad
2017-05-03 20:39:09 ----D---- C:\Windows\system32\log
2017-05-03 20:39:05 ----D---- C:\Program Files (x86)\Elex-tech
2017-05-03 20:39:04 ----D---- C:\Users\lukas\AppData\Roaming\Elex-tech
2017-05-03 08:04:53 ----D---- C:\Insist
2017-05-02 11:25:11 ----D---- C:\Program Files (x86)\b3lv5yai
2017-05-01 15:14:30 ----D---- C:\Users\lukas\AppData\Roaming\PSpad
2017-05-01 15:14:25 ----D---- C:\Program Files (x86)\PSPad editor
2017-04-28 13:12:45 ----D---- C:\Windows\psgo
2017-04-28 13:12:22 ----D---- C:\Program Files (x86)\MIO
2017-04-28 13:12:11 ----D---- C:\Alitkojck
2017-04-27 21:16:52 ----D---- C:\Users\lukas\AppData\Roaming\Kizogrireent
2017-04-27 21:12:09 ----D---- C:\Users\lukas\AppData\Roaming\Profiles
2017-04-27 21:12:09 ----D---- C:\Program Files (x86)\Thuhaent Reports
2017-04-27 21:12:08 ----D---- C:\Program Files (x86)\Ckudalycotaied
2017-04-27 21:11:01 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2017-04-27 21:10:29 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2017-04-27 21:10:25 ----D---- C:\Program Files\DAEMON Tools Lite
2017-04-12 10:12:38 ----A---- C:\Windows\system32\mshtml.dll
2017-04-12 10:12:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-04-12 10:12:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-04-12 10:12:36 ----A---- C:\Windows\system32\ieframe.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\wuaueng.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\win32k.sys
2017-04-12 10:12:34 ----A---- C:\Windows\system32\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\ole32.dll
2017-04-12 10:12:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\wucltux.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\samsrv.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\msfeeds.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\jscript.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-04-12 10:12:32 ----A---- C:\Windows\system32\cdosys.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\jscript9.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups2.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuauclt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64win.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64cpu.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\winsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspisrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srcore.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\smss.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\secur32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rstrui.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsass.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsasrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lpk.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kernel32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iernonce.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\fontsub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\appid.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\csrsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cryptbase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\conhost.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cdd.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\appidapi.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\advapi32.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\user.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidsvc.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\apisetschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\adtschema.dll
====== List of files/folders modified in the last 1 month ======
2017-05-03 22:12:29 ----D---- C:\Windows\Temp
2017-05-03 22:12:29 ----D---- C:\Program Files\trend micro
2017-05-03 21:53:02 ----D---- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite
2017-05-03 21:52:10 ----D---- C:\Windows\inf
2017-05-03 21:52:09 ----D---- C:\Windows
2017-05-03 21:47:57 ----D---- C:\Windows\system32\config
2017-05-03 21:45:45 ----D---- C:\Windows\system32\Tasks
2017-05-03 21:45:38 ----D---- C:\Windows\Prefetch
2017-05-03 21:44:18 ----D---- C:\Windows\system32\drivers
2017-05-03 21:42:23 ----RD---- C:\Program Files (x86)
2017-05-03 21:00:00 ----SHD---- C:\Windows\Installer
2017-05-03 20:41:17 ----D---- C:\Windows\SysWOW64
2017-05-03 20:39:09 ----D---- C:\Windows\System32
2017-05-03 16:17:18 ----A---- C:\Windows\d_jdmjol172.ini
2017-05-03 13:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-02 15:41:44 ----D---- C:\Users\lukas\AppData\Roaming\uTorrent
2017-05-02 12:06:49 ----SHD---- C:\System Volume Information
2017-04-27 21:11:30 ----D---- C:\Windows\system32\DriverStore
2017-04-27 21:10:25 ----RD---- C:\Program Files
2017-04-27 21:09:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-04-27 20:00:59 ----D---- C:\Program Files (x86)\Steam
2017-04-25 12:25:05 ----D---- C:\Program Files (x86)\Opera
2017-04-25 08:53:34 ----D---- C:\Users\lukas\AppData\Roaming\MPC-HC
2017-04-25 08:47:11 ----D---- C:\Program Files (x86)\McAfee
2017-04-25 08:46:44 ----D---- C:\Program Files\TrueKey
2017-04-25 01:38:55 ----D---- C:\AITEMP
2017-04-21 12:59:45 ----D---- C:\ProgramData\McAfee
2017-04-18 23:26:21 ----D---- C:\Windows\system32\NDF
2017-04-13 13:38:48 ----D---- C:\Windows\rescache
2017-04-13 10:32:34 ----D---- C:\Windows\Microsoft.NET
2017-04-13 10:28:04 ----RSD---- C:\Windows\assembly
2017-04-13 09:56:09 ----D---- C:\Windows\winsxs
2017-04-13 09:52:38 ----D---- C:\Program Files\Internet Explorer
2017-04-13 09:52:37 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 09:52:33 ----D---- C:\Windows\system32\en-US
2017-04-13 09:52:26 ----D---- C:\Windows\AppPatch
2017-04-13 09:52:25 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 09:52:22 ----D---- C:\Windows\system32\Boot
2017-04-13 02:54:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 10:04:37 ----D---- C:\Windows\system32\catroot2
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 262344]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 52392]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-02-02 137792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-04-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-04-27 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2015-12-07 44192]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2016-12-02 131024]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-06-17 51112]
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe -k SNAREA;"ServiceDll" = C:\Users\lukas\AppData\Local\SNAREA\Snare.dll
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-04-12 996736]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-04-12 16160]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2012-12-06 212992]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S2 IISvr;Internet Information Service; %SystemRoot%\System32\svchost.exe -k IISGroup;"ServiceDll" = C:\Program Files (x86)\IIS\Microsoft Web Deploy V3\te\msdeploy.resources.dll
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-24 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-04-12 86776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-26 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
S4 McNeelUpdate;McNeel Update Service 5.0; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2014-06-24 67224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
Run by lukas at 2017-05-03 22:12:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 17 GB (3%) free of 588 GB
Total RAM: 8126 MB (64% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:31, on 3. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files\trend micro\lukas_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - https://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9674 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\vcsFPService.exe
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
c:\windows\system32\svchost.exe -k utcsvc
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
c:\windows\system32\svchost.exe -k snarea
c:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"C:\PROGRA~3\ASGVIS\DONGLE~1\vrlservice.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files (x86)\Winamp\winamp.exe"
"C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe" --tray
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\SysWOW64\svchost.exe -k IISGroup
c:\windows\system32\svchost.exe -k secsvcs
C:\Windows\SysWOW64\rundll32.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\lukas\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=58.0.3029.81 --initial-client-data=0x9c,0xa0,0xa4,0x98,0xa8,0x74117de4,0x74117dd0,0x74117df0
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=watcher --main-thread-id=1776 --on-initialized-event-handle=320 --parent-handle=332 /prefetch:6
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=gpu-process --field-trial-handle=1184 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,16,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2559 --gpu-driver-date=10-21-2011 --service-request-channel-token=02C7A63E0AA6BA2CCC8FE875D4E20BA3 --mojo-platform-channel-handle=1196 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=ppapi --field-trial-handle=1184 --ppapi-flash-args --lang=sk --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=1F71C83AFC8BF1F8765492EA8972AB9B --mojo-platform-channel-handle=8296 --ignored=" --type=renderer " /prefetch:3
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\lukas\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-lukas-PC-lukas - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1445716232 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Thuhaent Reports - "C:\Program Files (x86)\Ckudalycotaied\coerheght.exe" dd5f483f-22ba-4fe2-8731-37dce570a7c0
C:\Windows\system32\tasks\Trigger KMS Activation - "C:\Program Files\KMSnano\TriggerKMS.exe" 31 "silent.cmd"
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7} - C:\Windows\system32\pcalua.exe -a G:\sp58586.exe -d G:\
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB} - C:\Windows\system32\pcalua.exe -a "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa\setup.exe" -d "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1004493896-153057301-766688841-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14 1056992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-07-26 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-07-26 173152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-14 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-14 1056992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-01 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-01 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-01 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\lukas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\lukas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"=C:\Users\lukas\AppData\Roaming\Kizogrireent\Chzerszigoph.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2017-05-03 21:44:18 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-03 21:38:44 ----D---- C:\AdwCleaner
2017-05-03 20:45:26 ----D---- C:\Users\lukas\AppData\Roaming\Dayglad
2017-05-03 20:41:44 ----D---- C:\Users\lukas\AppData\Roaming\Mozilla
2017-05-03 20:41:17 ----A---- C:\Windows\SYSWOW64\43A8.tmp
2017-05-03 20:41:11 ----D---- C:\Program Files (x86)\IIS
2017-05-03 20:41:02 ----D---- C:\Program Files (x86)\Dayglad
2017-05-03 20:39:09 ----D---- C:\Windows\system32\log
2017-05-03 20:39:05 ----D---- C:\Program Files (x86)\Elex-tech
2017-05-03 20:39:04 ----D---- C:\Users\lukas\AppData\Roaming\Elex-tech
2017-05-03 08:04:53 ----D---- C:\Insist
2017-05-02 11:25:11 ----D---- C:\Program Files (x86)\b3lv5yai
2017-05-01 15:14:30 ----D---- C:\Users\lukas\AppData\Roaming\PSpad
2017-05-01 15:14:25 ----D---- C:\Program Files (x86)\PSPad editor
2017-04-28 13:12:45 ----D---- C:\Windows\psgo
2017-04-28 13:12:22 ----D---- C:\Program Files (x86)\MIO
2017-04-28 13:12:11 ----D---- C:\Alitkojck
2017-04-27 21:16:52 ----D---- C:\Users\lukas\AppData\Roaming\Kizogrireent
2017-04-27 21:12:09 ----D---- C:\Users\lukas\AppData\Roaming\Profiles
2017-04-27 21:12:09 ----D---- C:\Program Files (x86)\Thuhaent Reports
2017-04-27 21:12:08 ----D---- C:\Program Files (x86)\Ckudalycotaied
2017-04-27 21:11:01 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2017-04-27 21:10:29 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2017-04-27 21:10:25 ----D---- C:\Program Files\DAEMON Tools Lite
2017-04-12 10:12:38 ----A---- C:\Windows\system32\mshtml.dll
2017-04-12 10:12:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-04-12 10:12:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-04-12 10:12:36 ----A---- C:\Windows\system32\ieframe.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\wuaueng.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\win32k.sys
2017-04-12 10:12:34 ----A---- C:\Windows\system32\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\ole32.dll
2017-04-12 10:12:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\wucltux.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\samsrv.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\msfeeds.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\jscript.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-04-12 10:12:32 ----A---- C:\Windows\system32\cdosys.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\jscript9.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups2.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuauclt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64win.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64cpu.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\winsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspisrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srcore.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\smss.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\secur32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rstrui.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsass.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsasrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lpk.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kernel32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iernonce.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\fontsub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\appid.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\csrsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cryptbase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\conhost.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cdd.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\appidapi.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\advapi32.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\user.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidsvc.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\apisetschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\adtschema.dll
====== List of files/folders modified in the last 1 month ======
2017-05-03 22:12:29 ----D---- C:\Windows\Temp
2017-05-03 22:12:29 ----D---- C:\Program Files\trend micro
2017-05-03 21:53:02 ----D---- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite
2017-05-03 21:52:10 ----D---- C:\Windows\inf
2017-05-03 21:52:09 ----D---- C:\Windows
2017-05-03 21:47:57 ----D---- C:\Windows\system32\config
2017-05-03 21:45:45 ----D---- C:\Windows\system32\Tasks
2017-05-03 21:45:38 ----D---- C:\Windows\Prefetch
2017-05-03 21:44:18 ----D---- C:\Windows\system32\drivers
2017-05-03 21:42:23 ----RD---- C:\Program Files (x86)
2017-05-03 21:00:00 ----SHD---- C:\Windows\Installer
2017-05-03 20:41:17 ----D---- C:\Windows\SysWOW64
2017-05-03 20:39:09 ----D---- C:\Windows\System32
2017-05-03 16:17:18 ----A---- C:\Windows\d_jdmjol172.ini
2017-05-03 13:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-02 15:41:44 ----D---- C:\Users\lukas\AppData\Roaming\uTorrent
2017-05-02 12:06:49 ----SHD---- C:\System Volume Information
2017-04-27 21:11:30 ----D---- C:\Windows\system32\DriverStore
2017-04-27 21:10:25 ----RD---- C:\Program Files
2017-04-27 21:09:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-04-27 20:00:59 ----D---- C:\Program Files (x86)\Steam
2017-04-25 12:25:05 ----D---- C:\Program Files (x86)\Opera
2017-04-25 08:53:34 ----D---- C:\Users\lukas\AppData\Roaming\MPC-HC
2017-04-25 08:47:11 ----D---- C:\Program Files (x86)\McAfee
2017-04-25 08:46:44 ----D---- C:\Program Files\TrueKey
2017-04-25 01:38:55 ----D---- C:\AITEMP
2017-04-21 12:59:45 ----D---- C:\ProgramData\McAfee
2017-04-18 23:26:21 ----D---- C:\Windows\system32\NDF
2017-04-13 13:38:48 ----D---- C:\Windows\rescache
2017-04-13 10:32:34 ----D---- C:\Windows\Microsoft.NET
2017-04-13 10:28:04 ----RSD---- C:\Windows\assembly
2017-04-13 09:56:09 ----D---- C:\Windows\winsxs
2017-04-13 09:52:38 ----D---- C:\Program Files\Internet Explorer
2017-04-13 09:52:37 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 09:52:33 ----D---- C:\Windows\system32\en-US
2017-04-13 09:52:26 ----D---- C:\Windows\AppPatch
2017-04-13 09:52:25 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 09:52:22 ----D---- C:\Windows\system32\Boot
2017-04-13 02:54:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 10:04:37 ----D---- C:\Windows\system32\catroot2
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 262344]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 52392]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-02-02 137792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-04-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-04-27 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2015-12-07 44192]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2016-12-02 131024]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-06-17 51112]
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe -k SNAREA;"ServiceDll" = C:\Users\lukas\AppData\Local\SNAREA\Snare.dll
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-04-12 996736]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-04-12 16160]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2012-12-06 212992]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S2 IISvr;Internet Information Service; %SystemRoot%\System32\svchost.exe -k IISGroup;"ServiceDll" = C:\Program Files (x86)\IIS\Microsoft Web Deploy V3\te\msdeploy.resources.dll
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-24 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-04-12 86776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-26 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
S4 McNeelUpdate;McNeel Update Service 5.0; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2014-06-24 67224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
Re: OurLuckySites.com + Windows stuttering
But now I have changed the home page back to Google in the Chrome settings and it looks like it works now... (before, it automatically reset itself back to ourluckysite; now, after turning it off and on, it is still Google). So if the log looks OK now, should it be fine?
Re: OurLuckySites.com + Windows stuttering
It works fine! Thanks for the help, then.

Re: OurLuckySites.com + Windows stuttering
Well, no, it is still acting up... that fake Firefox installed itself again, and this time it did not help even when I tried to scan and remove it with that program... I was looking at the Google Chrome extensions when it did this, and I think it also happened last time when I was doing something with them.
So here is a new log:
Logfile of random's system information tool 1.16 (written by random/random)
Run by lukas at 2017-05-04 16:59:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (3%) free of 588 GB
Total RAM: 8126 MB (70% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:14, on 4. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Users\lukas\AppData\Local\background_fault\aswRD.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\trend micro\lukas_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [background_fault] "C:\Users\lukas\AppData\Local\background_fault\aswRD.exe" "C:\Users\lukas\AppData\Local\background_fault\bf.dll",background_fault_collector
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - https://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9350 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\vcsFPService.exe
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k utcsvc
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
c:\windows\system32\svchost.exe -k snarea
c:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"C:\PROGRA~3\ASGVIS\DONGLE~1\vrlservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Users\lukas\AppData\Local\background_fault\aswRD.exe" "C:\Users\lukas\AppData\Local\background_fault\bf.dll",background_fault_collector
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\SysWOW64\ctfmon.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Dayglad\Application\chrome.exe"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\lukas\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=58.0.3029.81 --initial-client-data=0x9c,0xa0,0xa4,0x98,0xa8,0x73877de4,0x73877dd0,0x73877df0
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=watcher --main-thread-id=4484 --on-initialized-event-handle=320 --parent-handle=332 /prefetch:6
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=gpu-process --field-trial-handle=1124 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,16,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2559 --gpu-driver-date=10-21-2011 --service-request-channel-token=3BEF3C29E47E12F14C09F7CA4469516D --mojo-platform-channel-handle=1136 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=7F98E5DE9D6E678ABF20C9115816AAB1 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=7F98E5DE9D6E678ABF20C9115816AAB1 --renderer-client-id=9 --mojo-platform-channel-handle=2456 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=0759AB84568EE5A753DF5FC6A91A223A --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=0759AB84568EE5A753DF5FC6A91A223A --renderer-client-id=4 --mojo-platform-channel-handle=3296 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=54D001E0C5ECE79E90C35DE752411C3C --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=54D001E0C5ECE79E90C35DE752411C3C --renderer-client-id=5 --mojo-platform-channel-handle=3416 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=249825699FD285D168F4AE820223ACC8 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=249825699FD285D168F4AE820223ACC8 --renderer-client-id=6 --mojo-platform-channel-handle=3528 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=2970CA7B7A00613333B2DBB544980C45 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=2970CA7B7A00613333B2DBB544980C45 --renderer-client-id=7 --mojo-platform-channel-handle=3560 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=D986D28C51C68EE581DF3A37DEA59C45 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=D986D28C51C68EE581DF3A37DEA59C45 --renderer-client-id=8 --mojo-platform-channel-handle=3664 /prefetch:1
C:\Windows\SysWOW64\svchost.exe -k IISGroup
C:\Windows\SysWOW64\rundll32.exe
c:\windows\system32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\lukas\Downloads\RSITx64.exe"
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-lukas-PC-lukas - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1445716232 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Thuhaent Reports - "C:\Program Files (x86)\Ckudalycotaied\coerheght.exe" dd5f483f-22ba-4fe2-8731-37dce570a7c0
C:\Windows\system32\tasks\Trigger KMS Activation - "C:\Program Files\KMSnano\TriggerKMS.exe" 31 "silent.cmd"
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7} - C:\Windows\system32\pcalua.exe -a G:\sp58586.exe -d G:\
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB} - C:\Windows\system32\pcalua.exe -a "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa\setup.exe" -d "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1004493896-153057301-766688841-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-07-26 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-07-26 173152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-01 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-01 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-01 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
"background_fault"=C:\Users\lukas\AppData\Local\background_fault\aswRD.exe [2017-05-04 1419576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\lukas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\lukas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"=C:\Users\lukas\AppData\Roaming\Kizogrireent\Chzerszigoph.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2017-05-04 16:54:32 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-04 16:39:52 ----D---- C:\Program Files (x86)\AlphaGo
2017-05-03 21:38:44 ----D---- C:\AdwCleaner
2017-05-03 20:45:26 ----D---- C:\Users\lukas\AppData\Roaming\Dayglad
2017-05-03 20:41:44 ----D---- C:\Users\lukas\AppData\Roaming\Mozilla
2017-05-03 20:41:17 ----A---- C:\Windows\SYSWOW64\43A8.tmp
2017-05-03 20:41:11 ----D---- C:\Program Files (x86)\IIS
2017-05-03 20:41:02 ----D---- C:\Program Files (x86)\Dayglad
2017-05-03 20:39:09 ----D---- C:\Windows\system32\log
2017-05-03 20:39:05 ----D---- C:\Program Files (x86)\Elex-tech
2017-05-03 20:39:04 ----D---- C:\Users\lukas\AppData\Roaming\Elex-tech
2017-05-03 08:04:53 ----D---- C:\Insist
2017-05-02 11:25:11 ----D---- C:\Program Files (x86)\b3lv5yai
2017-05-01 15:14:30 ----D---- C:\Users\lukas\AppData\Roaming\PSpad
2017-05-01 15:14:25 ----D---- C:\Program Files (x86)\PSPad editor
2017-04-28 13:12:45 ----D---- C:\Windows\psgo
2017-04-28 13:12:22 ----D---- C:\Program Files (x86)\MIO
2017-04-28 13:12:11 ----D---- C:\Alitkojck
2017-04-27 21:16:52 ----D---- C:\Users\lukas\AppData\Roaming\Kizogrireent
2017-04-27 21:12:09 ----D---- C:\Users\lukas\AppData\Roaming\Profiles
2017-04-27 21:12:09 ----D---- C:\Program Files (x86)\Thuhaent Reports
2017-04-27 21:12:08 ----D---- C:\Program Files (x86)\Ckudalycotaied
2017-04-27 21:11:01 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2017-04-27 21:10:29 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2017-04-27 21:10:25 ----D---- C:\Program Files\DAEMON Tools Lite
2017-04-12 10:12:38 ----A---- C:\Windows\system32\mshtml.dll
2017-04-12 10:12:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-04-12 10:12:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-04-12 10:12:36 ----A---- C:\Windows\system32\ieframe.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\wuaueng.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\win32k.sys
2017-04-12 10:12:34 ----A---- C:\Windows\system32\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\ole32.dll
2017-04-12 10:12:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\wucltux.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\samsrv.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\msfeeds.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\jscript.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-04-12 10:12:32 ----A---- C:\Windows\system32\cdosys.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\jscript9.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups2.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuauclt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64win.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64cpu.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\winsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspisrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srcore.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\smss.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\secur32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rstrui.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsass.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsasrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lpk.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kernel32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iernonce.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\fontsub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\appid.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\csrsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cryptbase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\conhost.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cdd.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\appidapi.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\advapi32.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\user.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidsvc.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\apisetschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\adtschema.dll
====== List of files/folders modified in the last 1 month ======
2017-05-04 16:59:14 ----D---- C:\Windows\Prefetch
2017-05-04 16:59:12 ----D---- C:\Program Files\trend micro
2017-05-04 16:59:11 ----D---- C:\Windows\Temp
2017-05-04 16:57:48 ----D---- C:\Windows\system32\config
2017-05-04 16:56:50 ----D---- C:\Windows\system32\Tasks
2017-05-04 16:54:32 ----D---- C:\Windows\system32\drivers
2017-05-04 16:53:58 ----D---- C:\Windows
2017-05-04 16:53:01 ----RD---- C:\Program Files (x86)
2017-05-04 16:40:06 ----SHD---- C:\Windows\Installer
2017-05-04 11:58:52 ----SHD---- C:\System Volume Information
2017-05-04 10:39:21 ----D---- C:\Program Files (x86)\McAfee
2017-05-04 10:38:45 ----D---- C:\Program Files\TrueKey
2017-05-04 01:50:05 ----D---- C:\Windows\inf
2017-05-03 22:44:22 ----A---- C:\Windows\d_jdmjol172.ini
2017-05-03 21:53:02 ----D---- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite
2017-05-03 20:41:17 ----D---- C:\Windows\SysWOW64
2017-05-03 20:39:09 ----D---- C:\Windows\System32
2017-05-03 13:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-02 15:41:44 ----D---- C:\Users\lukas\AppData\Roaming\uTorrent
2017-04-27 21:11:30 ----D---- C:\Windows\system32\DriverStore
2017-04-27 21:10:25 ----RD---- C:\Program Files
2017-04-27 21:09:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-04-27 20:00:59 ----D---- C:\Program Files (x86)\Steam
2017-04-25 12:25:05 ----D---- C:\Program Files (x86)\Opera
2017-04-25 08:53:34 ----D---- C:\Users\lukas\AppData\Roaming\MPC-HC
2017-04-25 01:38:55 ----D---- C:\AITEMP
2017-04-21 12:59:45 ----D---- C:\ProgramData\McAfee
2017-04-18 23:26:21 ----D---- C:\Windows\system32\NDF
2017-04-13 13:38:48 ----D---- C:\Windows\rescache
2017-04-13 10:32:34 ----D---- C:\Windows\Microsoft.NET
2017-04-13 10:28:04 ----RSD---- C:\Windows\assembly
2017-04-13 09:56:09 ----D---- C:\Windows\winsxs
2017-04-13 09:52:38 ----D---- C:\Program Files\Internet Explorer
2017-04-13 09:52:37 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 09:52:33 ----D---- C:\Windows\system32\en-US
2017-04-13 09:52:26 ----D---- C:\Windows\AppPatch
2017-04-13 09:52:25 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 09:52:22 ----D---- C:\Windows\system32\Boot
2017-04-13 02:54:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 10:04:37 ----D---- C:\Windows\system32\catroot2
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 262344]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 52392]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-02-02 137792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-04-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-04-27 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2015-12-07 44192]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2016-12-02 131024]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-06-17 51112]
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe -k SNAREA;"ServiceDll" = C:\Users\lukas\AppData\Local\SNAREA\Snare.dll
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-04-18 996736]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-04-18 16160]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2012-12-06 212992]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S2 IISvr;Internet Information Service; %SystemRoot%\System32\svchost.exe -k IISGroup;"ServiceDll" = C:\Program Files (x86)\IIS\Microsoft Web Deploy V3\te\msdeploy.resources.dll
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-24 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-04-18 86776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-26 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
S4 McNeelUpdate;McNeel Update Service 5.0; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2014-06-24 67224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
So, I'm sending a new log:
Logfile of random's system information tool 1.16 (written by random/random)
Run by lukas at 2017-05-04 16:59:11
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (3%) free of 588 GB
Total RAM: 8126 MB (70% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:59:14, on 4. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Users\lukas\AppData\Local\background_fault\aswRD.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\trend micro\lukas_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [background_fault] "C:\Users\lukas\AppData\Local\background_fault\aswRD.exe" "C:\Users\lukas\AppData\Local\background_fault\bf.dll",background_fault_collector
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - https://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Service Installer TrueKey (InstallerService) - Unknown owner - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9350 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\vcsFPService.exe
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k utcsvc
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
c:\windows\system32\svchost.exe -k snarea
c:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"C:\PROGRA~3\ASGVIS\DONGLE~1\vrlservice.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Users\lukas\AppData\Local\background_fault\aswRD.exe" "C:\Users\lukas\AppData\Local\background_fault\bf.dll",background_fault_collector
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\SysWOW64\ctfmon.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Dayglad\Application\chrome.exe"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\lukas\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=58.0.3029.81 --initial-client-data=0x9c,0xa0,0xa4,0x98,0xa8,0x73877de4,0x73877dd0,0x73877df0
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=watcher --main-thread-id=4484 --on-initialized-event-handle=320 --parent-handle=332 /prefetch:6
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=gpu-process --field-trial-handle=1124 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,16,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2559 --gpu-driver-date=10-21-2011 --service-request-channel-token=3BEF3C29E47E12F14C09F7CA4469516D --mojo-platform-channel-handle=1136 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=7F98E5DE9D6E678ABF20C9115816AAB1 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=7F98E5DE9D6E678ABF20C9115816AAB1 --renderer-client-id=9 --mojo-platform-channel-handle=2456 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=0759AB84568EE5A753DF5FC6A91A223A --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=0759AB84568EE5A753DF5FC6A91A223A --renderer-client-id=4 --mojo-platform-channel-handle=3296 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=54D001E0C5ECE79E90C35DE752411C3C --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=54D001E0C5ECE79E90C35DE752411C3C --renderer-client-id=5 --mojo-platform-channel-handle=3416 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=249825699FD285D168F4AE820223ACC8 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=249825699FD285D168F4AE820223ACC8 --renderer-client-id=6 --mojo-platform-channel-handle=3528 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=2970CA7B7A00613333B2DBB544980C45 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=2970CA7B7A00613333B2DBB544980C45 --renderer-client-id=7 --mojo-platform-channel-handle=3560 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1124 --primordial-pipe-token=D986D28C51C68EE581DF3A37DEA59C45 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=D986D28C51C68EE581DF3A37DEA59C45 --renderer-client-id=8 --mojo-platform-channel-handle=3664 /prefetch:1
C:\Windows\SysWOW64\svchost.exe -k IISGroup
C:\Windows\SysWOW64\rundll32.exe
c:\windows\system32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\lukas\Downloads\RSITx64.exe"
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-lukas-PC-lukas - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1445716232 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Thuhaent Reports - "C:\Program Files (x86)\Ckudalycotaied\coerheght.exe" dd5f483f-22ba-4fe2-8731-37dce570a7c0
C:\Windows\system32\tasks\Trigger KMS Activation - "C:\Program Files\KMSnano\TriggerKMS.exe" 31 "silent.cmd"
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7} - C:\Windows\system32\pcalua.exe -a G:\sp58586.exe -d G:\
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB} - C:\Windows\system32\pcalua.exe -a "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa\setup.exe" -d "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1004493896-153057301-766688841-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-07-26 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-07-26 173152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-01 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-01 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-01 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
"background_fault"=C:\Users\lukas\AppData\Local\background_fault\aswRD.exe [2017-05-04 1419576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\lukas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\lukas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"=C:\Users\lukas\AppData\Roaming\Kizogrireent\Chzerszigoph.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2017-05-04 16:54:32 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-04 16:39:52 ----D---- C:\Program Files (x86)\AlphaGo
2017-05-03 21:38:44 ----D---- C:\AdwCleaner
2017-05-03 20:45:26 ----D---- C:\Users\lukas\AppData\Roaming\Dayglad
2017-05-03 20:41:44 ----D---- C:\Users\lukas\AppData\Roaming\Mozilla
2017-05-03 20:41:17 ----A---- C:\Windows\SYSWOW64\43A8.tmp
2017-05-03 20:41:11 ----D---- C:\Program Files (x86)\IIS
2017-05-03 20:41:02 ----D---- C:\Program Files (x86)\Dayglad
2017-05-03 20:39:09 ----D---- C:\Windows\system32\log
2017-05-03 20:39:05 ----D---- C:\Program Files (x86)\Elex-tech
2017-05-03 20:39:04 ----D---- C:\Users\lukas\AppData\Roaming\Elex-tech
2017-05-03 08:04:53 ----D---- C:\Insist
2017-05-02 11:25:11 ----D---- C:\Program Files (x86)\b3lv5yai
2017-05-01 15:14:30 ----D---- C:\Users\lukas\AppData\Roaming\PSpad
2017-05-01 15:14:25 ----D---- C:\Program Files (x86)\PSPad editor
2017-04-28 13:12:45 ----D---- C:\Windows\psgo
2017-04-28 13:12:22 ----D---- C:\Program Files (x86)\MIO
2017-04-28 13:12:11 ----D---- C:\Alitkojck
2017-04-27 21:16:52 ----D---- C:\Users\lukas\AppData\Roaming\Kizogrireent
2017-04-27 21:12:09 ----D---- C:\Users\lukas\AppData\Roaming\Profiles
2017-04-27 21:12:09 ----D---- C:\Program Files (x86)\Thuhaent Reports
2017-04-27 21:12:08 ----D---- C:\Program Files (x86)\Ckudalycotaied
2017-04-27 21:11:01 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2017-04-27 21:10:29 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2017-04-27 21:10:25 ----D---- C:\Program Files\DAEMON Tools Lite
2017-04-12 10:12:38 ----A---- C:\Windows\system32\mshtml.dll
2017-04-12 10:12:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-04-12 10:12:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-04-12 10:12:36 ----A---- C:\Windows\system32\ieframe.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\wuaueng.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\win32k.sys
2017-04-12 10:12:34 ----A---- C:\Windows\system32\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\ole32.dll
2017-04-12 10:12:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\wucltux.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\samsrv.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\msfeeds.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\jscript.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-04-12 10:12:32 ----A---- C:\Windows\system32\cdosys.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\jscript9.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups2.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuauclt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64win.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64cpu.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\winsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspisrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srcore.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\smss.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\secur32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rstrui.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsass.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsasrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lpk.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kernel32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iernonce.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\fontsub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\appid.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\csrsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cryptbase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\conhost.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cdd.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\appidapi.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\advapi32.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\user.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidsvc.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\apisetschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\adtschema.dll
====== List of files/folders modified in the last 1 month ======
2017-05-04 16:59:14 ----D---- C:\Windows\Prefetch
2017-05-04 16:59:12 ----D---- C:\Program Files\trend micro
2017-05-04 16:59:11 ----D---- C:\Windows\Temp
2017-05-04 16:57:48 ----D---- C:\Windows\system32\config
2017-05-04 16:56:50 ----D---- C:\Windows\system32\Tasks
2017-05-04 16:54:32 ----D---- C:\Windows\system32\drivers
2017-05-04 16:53:58 ----D---- C:\Windows
2017-05-04 16:53:01 ----RD---- C:\Program Files (x86)
2017-05-04 16:40:06 ----SHD---- C:\Windows\Installer
2017-05-04 11:58:52 ----SHD---- C:\System Volume Information
2017-05-04 10:39:21 ----D---- C:\Program Files (x86)\McAfee
2017-05-04 10:38:45 ----D---- C:\Program Files\TrueKey
2017-05-04 01:50:05 ----D---- C:\Windows\inf
2017-05-03 22:44:22 ----A---- C:\Windows\d_jdmjol172.ini
2017-05-03 21:53:02 ----D---- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite
2017-05-03 20:41:17 ----D---- C:\Windows\SysWOW64
2017-05-03 20:39:09 ----D---- C:\Windows\System32
2017-05-03 13:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-02 15:41:44 ----D---- C:\Users\lukas\AppData\Roaming\uTorrent
2017-04-27 21:11:30 ----D---- C:\Windows\system32\DriverStore
2017-04-27 21:10:25 ----RD---- C:\Program Files
2017-04-27 21:09:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-04-27 20:00:59 ----D---- C:\Program Files (x86)\Steam
2017-04-25 12:25:05 ----D---- C:\Program Files (x86)\Opera
2017-04-25 08:53:34 ----D---- C:\Users\lukas\AppData\Roaming\MPC-HC
2017-04-25 01:38:55 ----D---- C:\AITEMP
2017-04-21 12:59:45 ----D---- C:\ProgramData\McAfee
2017-04-18 23:26:21 ----D---- C:\Windows\system32\NDF
2017-04-13 13:38:48 ----D---- C:\Windows\rescache
2017-04-13 10:32:34 ----D---- C:\Windows\Microsoft.NET
2017-04-13 10:28:04 ----RSD---- C:\Windows\assembly
2017-04-13 09:56:09 ----D---- C:\Windows\winsxs
2017-04-13 09:52:38 ----D---- C:\Program Files\Internet Explorer
2017-04-13 09:52:37 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 09:52:33 ----D---- C:\Windows\system32\en-US
2017-04-13 09:52:26 ----D---- C:\Windows\AppPatch
2017-04-13 09:52:25 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 09:52:22 ----D---- C:\Windows\system32\Boot
2017-04-13 02:54:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 10:04:37 ----D---- C:\Windows\system32\catroot2
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 262344]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 52392]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-02-02 137792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-04-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-04-27 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2015-12-07 44192]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2016-12-02 131024]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-06-17 51112]
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe -k SNAREA;"ServiceDll" = C:\Users\lukas\AppData\Local\SNAREA\Snare.dll
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-04-18 996736]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-04-18 16160]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2012-12-06 212992]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S2 IISvr;Internet Information Service; %SystemRoot%\System32\svchost.exe -k IISGroup;"ServiceDll" = C:\Program Files (x86)\IIS\Microsoft Web Deploy V3\te\msdeploy.resources.dll
S2 InstallerService;Service Installer TrueKey; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-24 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-04-18 86776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-26 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
S4 McNeelUpdate;McNeel Update Service 5.0; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2014-06-24 67224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119428
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: OurLuckySites.com + Windows freezing
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it, copy the following script into the left pane, and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
:files
C:\Windows\system32\tasks\AutoKMS
C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\tasks\Trigger KMS Activation
C:\Program Files\KMSnano\TriggerKMS.exe
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7}
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB}
C:\Users\lukas\AppData\Roaming\Kizogrireent
C:\Windows\SYSWOW64\43A8.tmp
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]/64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"=-
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: OurLuckySites.com + Windows freezing
It threw some error:
https://ctrlv.cz/OD1Q
Could it be because, after posting the log, I ran AdwCleaner and CCleaner once more and some of it had already been deleted?
I'm sending the log anyway, here you go:
Logfile of random's system information tool 1.16 (written by random/random)
Run by lukas at 2017-05-04 20:10:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (3%) free of 588 GB
Total RAM: 8126 MB (64% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:10:57, on 4. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files\trend micro\lukas_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\lukas\Downloads\OTM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - https://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8560 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\vcsFPService.exe
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
c:\windows\system32\svchost.exe -k utcsvc
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
c:\windows\system32\svchost.exe -k snarea
c:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"C:\PROGRA~3\ASGVIS\DONGLE~1\vrlservice.exe"
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files (x86)\Dayglad\Application\chrome.exe"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\lukas\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=58.0.3029.81 --initial-client-data=0x9c,0xa0,0xa4,0x98,0xa8,0x735b7de4,0x735b7dd0,0x735b7df0
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=watcher --main-thread-id=3096 --on-initialized-event-handle=320 --parent-handle=332 /prefetch:6
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=gpu-process --field-trial-handle=1136 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,16,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2559 --gpu-driver-date=10-21-2011 --service-request-channel-token=174CB749CDD302B5927EFB8CF8801312 --mojo-platform-channel-handle=1152 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=26B10F5520242F91B33068F8FE3057EC --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=26B10F5520242F91B33068F8FE3057EC --renderer-client-id=4 --mojo-platform-channel-handle=2712 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=C4B2177C547E920998BAA8A388B66172 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=C4B2177C547E920998BAA8A388B66172 --renderer-client-id=5 --mojo-platform-channel-handle=2864 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=BED81AD29B3AFB02289E030D03E3CD0A --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=BED81AD29B3AFB02289E030D03E3CD0A --renderer-client-id=6 --mojo-platform-channel-handle=2888 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=D3849CE544BD3E41A41D1462972BBFF8 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=D3849CE544BD3E41A41D1462972BBFF8 --renderer-client-id=7 --mojo-platform-channel-handle=2996 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=D431FBC7E77FD9ECAA22045DB847A94D --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=D431FBC7E77FD9ECAA22045DB847A94D --renderer-client-id=8 --mojo-platform-channel-handle=3088 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=563F3CD0A6D7A79B7E6851C46D2F6A12 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=563F3CD0A6D7A79B7E6851C46D2F6A12 --renderer-client-id=13 --mojo-platform-channel-handle=4744 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=CF6FB114A1F29A5F1557431BE0CF88FA --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=CF6FB114A1F29A5F1557431BE0CF88FA --renderer-client-id=18 --mojo-platform-channel-handle=5804 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=F25001104DD8EF0FBF9DA76D06ACA3E0 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=F25001104DD8EF0FBF9DA76D06ACA3E0 --renderer-client-id=15 --mojo-platform-channel-handle=6100 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=027A4B5A976A984033353C0C5FF03AB4 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=027A4B5A976A984033353C0C5FF03AB4 --renderer-client-id=14 --mojo-platform-channel-handle=2660 /prefetch:1
C:\Windows\SysWOW64\svchost.exe -k IISGroup
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=FA94E668523A2935D3F5FCA6FD191492 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=FA94E668523A2935D3F5FCA6FD191492 --renderer-client-id=12 --mojo-platform-channel-handle=6884 /prefetch:1
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\sppsvc.exe
c:\windows\system32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=EFEA6425FB1357DF7CA627B0F53A28D5 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=EFEA6425FB1357DF7CA627B0F53A28D5 --renderer-client-id=22 --mojo-platform-channel-handle=4264 /prefetch:1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\lukas\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-lukas-PC-lukas - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1445716232 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Thuhaent Reports - "C:\Program Files (x86)\Ckudalycotaied\coerheght.exe" dd5f483f-22ba-4fe2-8731-37dce570a7c0
C:\Windows\system32\tasks\Trigger KMS Activation - "C:\Program Files\KMSnano\TriggerKMS.exe" 31 "silent.cmd"
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7} - C:\Windows\system32\pcalua.exe -a G:\sp58586.exe -d G:\
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB} - C:\Windows\system32\pcalua.exe -a "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa\setup.exe" -d "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1004493896-153057301-766688841-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-07-26 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-07-26 173152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-01 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-01 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-01 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\background_fault]
C:\Users\lukas\AppData\Local\background_fault\aswRD.exe [2017-05-04 1419576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\lukas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\lukas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\lukas\Downloads\OTM.exe [2017-05-04 522240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2017-05-04 19:58:11 ----D---- C:\_OTM
2017-05-04 18:01:47 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-04 16:39:52 ----D---- C:\Program Files (x86)\AlphaGo
2017-05-03 21:38:44 ----D---- C:\AdwCleaner
2017-05-03 20:45:26 ----D---- C:\Users\lukas\AppData\Roaming\Dayglad
2017-05-03 20:41:44 ----D---- C:\Users\lukas\AppData\Roaming\Mozilla
2017-05-03 20:41:11 ----D---- C:\Program Files (x86)\IIS
2017-05-03 20:41:02 ----D---- C:\Program Files (x86)\Dayglad
2017-05-03 20:39:09 ----D---- C:\Windows\system32\log
2017-05-03 20:39:05 ----D---- C:\Program Files (x86)\Elex-tech
2017-05-03 20:39:04 ----D---- C:\Users\lukas\AppData\Roaming\Elex-tech
2017-05-03 08:04:53 ----D---- C:\Insist
2017-05-02 11:25:11 ----D---- C:\Program Files (x86)\b3lv5yai
2017-05-01 15:14:30 ----D---- C:\Users\lukas\AppData\Roaming\PSpad
2017-05-01 15:14:25 ----D---- C:\Program Files (x86)\PSPad editor
2017-04-28 13:12:45 ----D---- C:\Windows\psgo
2017-04-28 13:12:22 ----D---- C:\Program Files (x86)\MIO
2017-04-28 13:12:11 ----D---- C:\Alitkojck
2017-04-27 21:12:09 ----D---- C:\Users\lukas\AppData\Roaming\Profiles
2017-04-27 21:12:09 ----D---- C:\Program Files (x86)\Thuhaent Reports
2017-04-27 21:12:08 ----D---- C:\Program Files (x86)\Ckudalycotaied
2017-04-27 21:11:01 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2017-04-27 21:10:29 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2017-04-27 21:10:25 ----D---- C:\Program Files\DAEMON Tools Lite
2017-04-12 10:12:38 ----A---- C:\Windows\system32\mshtml.dll
2017-04-12 10:12:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-04-12 10:12:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-04-12 10:12:36 ----A---- C:\Windows\system32\ieframe.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\wuaueng.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\win32k.sys
2017-04-12 10:12:34 ----A---- C:\Windows\system32\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\ole32.dll
2017-04-12 10:12:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\wucltux.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\samsrv.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\msfeeds.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\jscript.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-04-12 10:12:32 ----A---- C:\Windows\system32\cdosys.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\jscript9.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups2.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuauclt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64win.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64cpu.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\winsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspisrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srcore.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\smss.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\secur32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rstrui.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsass.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsasrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lpk.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kernel32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iernonce.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\fontsub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\appid.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\csrsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cryptbase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\conhost.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cdd.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\appidapi.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\advapi32.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\user.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidsvc.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\apisetschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\adtschema.dll
====== List of files/folders modified in the last 1 month ======
2017-05-04 20:10:56 ----D---- C:\Windows\Temp
2017-05-04 20:10:56 ----D---- C:\Program Files\trend micro
2017-05-04 20:09:34 ----D---- C:\Windows\system32\config
2017-05-04 20:05:25 ----D---- C:\Windows
2017-05-04 20:02:46 ----D---- C:\Windows\Prefetch
2017-05-04 19:58:12 ----D---- C:\Windows\SysWOW64
2017-05-04 19:58:12 ----D---- C:\Windows\AutoKMS
2017-05-04 19:58:12 ----D---- C:\Program Files\KMSnano
2017-05-04 18:46:46 ----D---- C:\Users\lukas\AppData\Roaming\uTorrent
2017-05-04 18:05:00 ----D---- C:\Windows\SoftwareDistribution
2017-05-04 18:04:15 ----D---- C:\Windows\inf
2017-05-04 18:03:36 ----D---- C:\Windows\system32\Tasks
2017-05-04 18:01:47 ----D---- C:\Windows\system32\drivers
2017-05-04 16:53:01 ----RD---- C:\Program Files (x86)
2017-05-04 16:40:06 ----SHD---- C:\Windows\Installer
2017-05-04 11:58:52 ----SHD---- C:\System Volume Information
2017-05-04 10:39:21 ----D---- C:\Program Files (x86)\McAfee
2017-05-04 10:38:45 ----D---- C:\Program Files\TrueKey
2017-05-03 22:44:22 ----A---- C:\Windows\d_jdmjol172.ini
2017-05-03 21:53:02 ----D---- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite
2017-05-03 20:39:09 ----D---- C:\Windows\System32
2017-05-03 13:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-04-27 21:11:30 ----D---- C:\Windows\system32\DriverStore
2017-04-27 21:10:25 ----RD---- C:\Program Files
2017-04-27 21:09:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-04-27 20:00:59 ----D---- C:\Program Files (x86)\Steam
2017-04-25 12:25:05 ----D---- C:\Program Files (x86)\Opera
2017-04-25 08:53:34 ----D---- C:\Users\lukas\AppData\Roaming\MPC-HC
2017-04-25 01:38:55 ----D---- C:\AITEMP
2017-04-21 12:59:45 ----D---- C:\ProgramData\McAfee
2017-04-18 23:26:21 ----D---- C:\Windows\system32\NDF
2017-04-13 13:38:48 ----D---- C:\Windows\rescache
2017-04-13 10:32:34 ----D---- C:\Windows\Microsoft.NET
2017-04-13 10:28:04 ----RSD---- C:\Windows\assembly
2017-04-13 09:56:09 ----D---- C:\Windows\winsxs
2017-04-13 09:52:38 ----D---- C:\Program Files\Internet Explorer
2017-04-13 09:52:37 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 09:52:33 ----D---- C:\Windows\system32\en-US
2017-04-13 09:52:26 ----D---- C:\Windows\AppPatch
2017-04-13 09:52:25 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 09:52:22 ----D---- C:\Windows\system32\Boot
2017-04-13 02:54:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 10:04:37 ----D---- C:\Windows\system32\catroot2
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 262344]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 52392]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-02-02 137792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-04-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-04-27 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2015-12-07 44192]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2016-12-02 131024]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-06-17 51112]
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe -k SNAREA;"ServiceDll" = C:\Users\lukas\AppData\Local\SNAREA\Snare.dll
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-04-18 996736]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-04-18 16160]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2012-12-06 212992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S2 IISvr;Internet Information Service; %SystemRoot%\System32\svchost.exe -k IISGroup;"ServiceDll" = C:\Program Files (x86)\IIS\Microsoft Web Deploy V3\te\msdeploy.resources.dll
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-24 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-04-18 86776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-26 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
S4 McNeelUpdate;McNeel Update Service 5.0; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2014-06-24 67224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
https://ctrlv.cz/OD1Q
Could it be because, after posting the log, I ran AdwCleaner and CCleaner once more and some of it has already been deleted?
I'm sending the log anyway, here you go:
Logfile of random's system information tool 1.16 (written by random/random)
Run by lukas at 2017-05-04 20:10:54
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 19 GB (3%) free of 588 GB
Total RAM: 8126 MB (64% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:10:57, on 4. 5. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18639)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Dayglad\Application\chrome.exe
C:\Program Files\trend micro\lukas_RSITx64.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
O4 - HKLM\..\RunOnce: [OTM] "C:\Users\lukas\Downloads\OTM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - https://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: YAC Service (iSafeService) - Elex do Brasil Participaçoes Ltda - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel Security True Key (TrueKey) - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) - McAfee, Inc. - C:\Program Files\TrueKey\McTkSchedulerService.exe
O23 - Service: TrueKeyServiceHelper - McAfee, Inc. - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8560 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k localservicenetworkrestricted
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc2.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\vcsFPService.exe
c:\windows\system32\svchost.exe -k networkservice
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
c:\windows\system32\svchost.exe -k utcsvc
"C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe"
"C:\Program Files (x86)\Elex-tech\YAC\iSafeTray.exe"
c:\windows\system32\svchost.exe -k snarea
c:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe"
"C:\Program Files\TrueKey\McTkSchedulerService.exe"
C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE
"C:\PROGRA~3\ASGVIS\DONGLE~1\vrlservice.exe"
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation
"C:\Program Files (x86)\Dayglad\Application\chrome.exe"
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\lukas\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=58.0.3029.81 --initial-client-data=0x9c,0xa0,0xa4,0x98,0xa8,0x735b7de4,0x735b7dd0,0x735b7df0
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=watcher --main-thread-id=3096 --on-initialized-event-handle=320 --parent-handle=332 /prefetch:6
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=gpu-process --field-trial-handle=1136 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,16,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2559 --gpu-driver-date=10-21-2011 --service-request-channel-token=174CB749CDD302B5927EFB8CF8801312 --mojo-platform-channel-handle=1152 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=26B10F5520242F91B33068F8FE3057EC --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=26B10F5520242F91B33068F8FE3057EC --renderer-client-id=4 --mojo-platform-channel-handle=2712 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=C4B2177C547E920998BAA8A388B66172 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=C4B2177C547E920998BAA8A388B66172 --renderer-client-id=5 --mojo-platform-channel-handle=2864 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=BED81AD29B3AFB02289E030D03E3CD0A --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=BED81AD29B3AFB02289E030D03E3CD0A --renderer-client-id=6 --mojo-platform-channel-handle=2888 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=D3849CE544BD3E41A41D1462972BBFF8 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=D3849CE544BD3E41A41D1462972BBFF8 --renderer-client-id=7 --mojo-platform-channel-handle=2996 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=D431FBC7E77FD9ECAA22045DB847A94D --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=D431FBC7E77FD9ECAA22045DB847A94D --renderer-client-id=8 --mojo-platform-channel-handle=3088 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=563F3CD0A6D7A79B7E6851C46D2F6A12 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=563F3CD0A6D7A79B7E6851C46D2F6A12 --renderer-client-id=13 --mojo-platform-channel-handle=4744 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=CF6FB114A1F29A5F1557431BE0CF88FA --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=CF6FB114A1F29A5F1557431BE0CF88FA --renderer-client-id=18 --mojo-platform-channel-handle=5804 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=F25001104DD8EF0FBF9DA76D06ACA3E0 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=F25001104DD8EF0FBF9DA76D06ACA3E0 --renderer-client-id=15 --mojo-platform-channel-handle=6100 /prefetch:1
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=027A4B5A976A984033353C0C5FF03AB4 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=027A4B5A976A984033353C0C5FF03AB4 --renderer-client-id=14 --mojo-platform-channel-handle=2660 /prefetch:1
C:\Windows\SysWOW64\svchost.exe -k IISGroup
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=FA94E668523A2935D3F5FCA6FD191492 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=FA94E668523A2935D3F5FCA6FD191492 --renderer-client-id=12 --mojo-platform-channel-handle=6884 /prefetch:1
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\sppsvc.exe
c:\windows\system32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Dayglad\Application\chrome.exe" --type=renderer --field-trial-handle=1136 --primordial-pipe-token=EFEA6425FB1357DF7CA627B0F53A28D5 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --disable-accelerated-video-decode --service-request-channel-token=EFEA6425FB1357DF7CA627B0F53A28D5 --renderer-client-id=22 --mojo-platform-channel-handle=4264 /prefetch:1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\wuauclt.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\lukas\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
====== Scheduled tasks folder ======
C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-lukas-PC-lukas - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
C:\Windows\system32\tasks\AutoKMS - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\doPDF Update - "C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe" /oem=doPdf8_Softland /silent
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\McAfee Remediation (Prepare) - C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe /prepare
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1445716232 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\Thuhaent Reports - "C:\Program Files (x86)\Ckudalycotaied\coerheght.exe" dd5f483f-22ba-4fe2-8731-37dce570a7c0
C:\Windows\system32\tasks\Trigger KMS Activation - "C:\Program Files\KMSnano\TriggerKMS.exe" 31 "silent.cmd"
C:\Windows\system32\tasks\{AD6351CD-6B43-4EDB-92A9-8E149FE211A7} - C:\Windows\system32\pcalua.exe -a G:\sp58586.exe -d G:\
C:\Windows\system32\tasks\{AF0CD425-067E-48F3-89AE-02D66A44AADB} - C:\Windows\system32\pcalua.exe -a "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa\setup.exe" -d "C:\Users\lukas\Downloads\GTA San Andreas\hlm-gtasa"
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-1004493896-153057301-766688841-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={33BB0A4E-99AF-4226-BDF6-49120163DE86}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]
"URL"=http://www.ourluckysites.com/search/?ty ... earchTerms}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\ssv.dll [2016-07-26 462432]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_72\bin\jp2ssv.dll [2016-07-26 173152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-04-26 1429216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-04-26 1056992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-03-08 2887440]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-02-01 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-02-01 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-02-01 416024]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\background_fault]
C:\Users\lukas\AppData\Local\background_fault\aswRD.exe [2017-05-04 1419576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-01-15 8619224]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\lukas\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\lukas\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite Automount]
C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-02-07 4701888]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2011-03-04 2741616]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON]
c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-12-20 2876704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22 597040]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Network Server.lnk]
C:\PROGRA~2\WIBUKEY\Server\WkSvMgr.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"OTM"=C:\Users\lukas\Downloads\OTM.exe [2017-05-04 522240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-10-21 390144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
"{CD25A912-294B-11E7-94AF-64006A5CFC35}"= []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages" = scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"
====== List of files/folders created in the last 1 month ======
2017-05-04 19:58:11 ----D---- C:\_OTM
2017-05-04 18:01:47 ----A---- C:\Windows\system32\drivers\iSafeNetFilter.sys
2017-05-04 16:39:52 ----D---- C:\Program Files (x86)\AlphaGo
2017-05-03 21:38:44 ----D---- C:\AdwCleaner
2017-05-03 20:45:26 ----D---- C:\Users\lukas\AppData\Roaming\Dayglad
2017-05-03 20:41:44 ----D---- C:\Users\lukas\AppData\Roaming\Mozilla
2017-05-03 20:41:11 ----D---- C:\Program Files (x86)\IIS
2017-05-03 20:41:02 ----D---- C:\Program Files (x86)\Dayglad
2017-05-03 20:39:09 ----D---- C:\Windows\system32\log
2017-05-03 20:39:05 ----D---- C:\Program Files (x86)\Elex-tech
2017-05-03 20:39:04 ----D---- C:\Users\lukas\AppData\Roaming\Elex-tech
2017-05-03 08:04:53 ----D---- C:\Insist
2017-05-02 11:25:11 ----D---- C:\Program Files (x86)\b3lv5yai
2017-05-01 15:14:30 ----D---- C:\Users\lukas\AppData\Roaming\PSpad
2017-05-01 15:14:25 ----D---- C:\Program Files (x86)\PSPad editor
2017-04-28 13:12:45 ----D---- C:\Windows\psgo
2017-04-28 13:12:22 ----D---- C:\Program Files (x86)\MIO
2017-04-28 13:12:11 ----D---- C:\Alitkojck
2017-04-27 21:12:09 ----D---- C:\Users\lukas\AppData\Roaming\Profiles
2017-04-27 21:12:09 ----D---- C:\Program Files (x86)\Thuhaent Reports
2017-04-27 21:12:08 ----D---- C:\Program Files (x86)\Ckudalycotaied
2017-04-27 21:11:01 ----A---- C:\Windows\system32\drivers\dtliteusbbus.sys
2017-04-27 21:10:29 ----A---- C:\Windows\system32\drivers\dtlitescsibus.sys
2017-04-27 21:10:25 ----D---- C:\Program Files\DAEMON Tools Lite
2017-04-12 10:12:38 ----A---- C:\Windows\system32\mshtml.dll
2017-04-12 10:12:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-04-12 10:12:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-04-12 10:12:36 ----A---- C:\Windows\system32\ieframe.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\wininet.dll
2017-04-12 10:12:35 ----A---- C:\Windows\system32\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\wuaueng.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\win32k.sys
2017-04-12 10:12:34 ----A---- C:\Windows\system32\urlmon.dll
2017-04-12 10:12:34 ----A---- C:\Windows\system32\ole32.dll
2017-04-12 10:12:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\wucltux.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\win32spl.dll
2017-04-12 10:12:33 ----A---- C:\Windows\system32\samsrv.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\wuapi.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\ucrtbase.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\quartz.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\msfeeds.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\jscript.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\iedkcs32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\gdi32.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-04-12 10:12:32 ----A---- C:\Windows\system32\cdosys.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\atmfd.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-04-12 10:12:32 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\webcheck.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\samlib.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-04-12 10:12:31 ----A---- C:\Windows\system32\ntdll.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\mfmjpegdec.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\jscript9.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-04-12 10:12:31 ----A---- C:\Windows\system32\asycfilt.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-04-12 10:12:31 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuwebv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups2.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wups.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wudriver.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuauclt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wuapp.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64win.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64cpu.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wow64.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\winsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\wdigest.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\vbscript.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspisrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\sspicli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srcore.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\srclient.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\smss.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\schannel.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\secur32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rstrui.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpchttp.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\rpcrt4.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\occache.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\msrating.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\mshtmled.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsass.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lsasrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\lpk.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kernel32.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\kerberos.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\jscript9diag.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\inseng.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieUnatt.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieui.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iesetup.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\iernonce.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ieapfltr.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\ie4uinit.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\fontsub.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtrans.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\dxtmsft.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\drivers\appid.sys
2017-04-12 10:12:30 ----A---- C:\Windows\system32\csrsrv.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cryptbase.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\conhost.exe
2017-04-12 10:12:30 ----A---- C:\Windows\system32\certcli.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\cdd.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\bcrypt.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\appidapi.dll
2017-04-12 10:12:30 ----A---- C:\Windows\system32\advapi32.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-04-12 10:12:29 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\user.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\lpk.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-04-12 10:12:29 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\tzres.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\ntvdm64.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\dciman32.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\credssp.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\auditpol.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\atmlib.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidsvc.dll
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-04-12 10:12:29 ----A---- C:\Windows\system32\apisetschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msobjs.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\msaudite.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-04-12 10:12:28 ----A---- C:\Windows\system32\adtschema.dll
====== List of files/folders modified in the last 1 month ======
2017-05-04 20:10:56 ----D---- C:\Windows\Temp
2017-05-04 20:10:56 ----D---- C:\Program Files\trend micro
2017-05-04 20:09:34 ----D---- C:\Windows\system32\config
2017-05-04 20:05:25 ----D---- C:\Windows
2017-05-04 20:02:46 ----D---- C:\Windows\Prefetch
2017-05-04 19:58:12 ----D---- C:\Windows\SysWOW64
2017-05-04 19:58:12 ----D---- C:\Windows\AutoKMS
2017-05-04 19:58:12 ----D---- C:\Program Files\KMSnano
2017-05-04 18:46:46 ----D---- C:\Users\lukas\AppData\Roaming\uTorrent
2017-05-04 18:05:00 ----D---- C:\Windows\SoftwareDistribution
2017-05-04 18:04:15 ----D---- C:\Windows\inf
2017-05-04 18:03:36 ----D---- C:\Windows\system32\Tasks
2017-05-04 18:01:47 ----D---- C:\Windows\system32\drivers
2017-05-04 16:53:01 ----RD---- C:\Program Files (x86)
2017-05-04 16:40:06 ----SHD---- C:\Windows\Installer
2017-05-04 11:58:52 ----SHD---- C:\System Volume Information
2017-05-04 10:39:21 ----D---- C:\Program Files (x86)\McAfee
2017-05-04 10:38:45 ----D---- C:\Program Files\TrueKey
2017-05-03 22:44:22 ----A---- C:\Windows\d_jdmjol172.ini
2017-05-03 21:53:02 ----D---- C:\Users\lukas\AppData\Roaming\DAEMON Tools Lite
2017-05-03 20:39:09 ----D---- C:\Windows\System32
2017-05-03 13:43:25 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-04-27 21:11:30 ----D---- C:\Windows\system32\DriverStore
2017-04-27 21:10:25 ----RD---- C:\Program Files
2017-04-27 21:09:51 ----D---- C:\ProgramData\DAEMON Tools Lite
2017-04-27 20:00:59 ----D---- C:\Program Files (x86)\Steam
2017-04-25 12:25:05 ----D---- C:\Program Files (x86)\Opera
2017-04-25 08:53:34 ----D---- C:\Users\lukas\AppData\Roaming\MPC-HC
2017-04-25 01:38:55 ----D---- C:\AITEMP
2017-04-21 12:59:45 ----D---- C:\ProgramData\McAfee
2017-04-18 23:26:21 ----D---- C:\Windows\system32\NDF
2017-04-13 13:38:48 ----D---- C:\Windows\rescache
2017-04-13 10:32:34 ----D---- C:\Windows\Microsoft.NET
2017-04-13 10:28:04 ----RSD---- C:\Windows\assembly
2017-04-13 09:56:09 ----D---- C:\Windows\winsxs
2017-04-13 09:52:38 ----D---- C:\Program Files\Internet Explorer
2017-04-13 09:52:37 ----D---- C:\Windows\SYSWOW64\en-US
2017-04-13 09:52:33 ----D---- C:\Windows\system32\en-US
2017-04-13 09:52:26 ----D---- C:\Windows\AppPatch
2017-04-13 09:52:25 ----D---- C:\Program Files (x86)\Internet Explorer
2017-04-13 09:52:22 ----D---- C:\Windows\system32\Boot
2017-04-13 02:54:21 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-04-12 10:04:37 ----D---- C:\Windows\system32\catroot2
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 iSafeKrnl;YAC Mini-Filter Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [2016-05-23 262344]
R1 iSafeKrnlKit;YAC Kit Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [2016-05-23 110112]
R1 iSafeKrnlMon;YAC Monitor Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [2016-05-23 52440]
R1 iSafeKrnlR3;YAC Ring3 Driver; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlR3.sys [2016-05-23 103904]
R1 iSafeNetFilter;YAC NDIS Driver; C:\Windows\system32\DRIVERS\iSafeNetFilter.sys [2016-05-19 52392]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2017-02-02 137792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2017-04-27 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2017-04-27 47672]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-08 425232]
S2 WIBUKEY;WIBU-KEY Kernel Driver; C:\Windows\SYSTEM32\DRIVERS\WibuKey64.sys []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2015-12-07 44192]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800]
S3 iSafeKrnlBoot;YAC Boot Driver; C:\Windows\system32\DRIVERS\iSafeKrnlBoot.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 iSafeService;YAC Service; C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe [2016-12-02 131024]
R2 NovaPdfServer;novaPDF Server; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [2016-06-17 51112]
R2 SNAREA;SNAREA; C:\Windows\System32\svchost.exe -k SNAREA;"ServiceDll" = C:\Users\lukas\AppData\Local\SNAREA\Snare.dll
R2 TrueKey;Intel Security True Key; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-04-18 996736]
R2 TrueKeyScheduler;Intel Security True Key Scheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [2017-04-18 16160]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2012-07-19 2714232]
R2 VRLService;VRLService; C:\PROGRA~3\ASGVIS\DONGLE~1\STARTV~1.EXE [2012-12-06 212992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-20 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-20 125064]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S2 IISvr;Internet Information Service; %SystemRoot%\System32\svchost.exe -k IISGroup;"ServiceDll" = C:\Program Files (x86)\IIS\Microsoft Web Deploy V3\te\msdeploy.resources.dll
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-20 51320]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-02-07 1471168]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-10-24 1431888]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-24 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-03-25 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-12-20 1467168]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-04-18 86776]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-10-26 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S4 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S4 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2011-03-04 73728]
S4 McNeelUpdate;McNeel Update Service 5.0; c:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [2014-06-24 67224]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-20 135800]
S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119428
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: OurLuckySites.com + Windows stuttering
Not really. Run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: OurLuckySites.com + Windows stuttering
I'm sending the scan, here you go. The home page in Chrome got changed again, this time to luckysearch1237
I'm sending a download link because it has too many characters:
http://leteckaposta.cz/215412922
- Rudy
- Site Admin
- Posts: 119428
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: OurLuckySites.com + Windows stuttering
Delete all MBAM detections.
Re: OurLuckySites.com + Windows stuttering
Deleted, so we'll see whether it's okay now, or should I do something else, some log or the like?